2

I was creating a module application for Zend Framework 2. When I try to send a post request to my server with the necessary details, I get the error "Unable to enable crypto on TCP connection api.mysite.com". Earlier, I was getting the error "Unable to enable crypto on TCP connection api.mysite.com: make sure the "sslcafile" or "sslcapath" option are properly set for the environment."

On googling, I found I should set sslverifypeer to false. After doing this, I was left with the 1st part of the sentence "Unable to enable crypto on TCP connection api.mysite.com." Not getting idea where I could be wrong.

Under previous exceptions, I get "stream_socket_enable_crypto(): this stream does not support SSL/crypto"

user2740957
  • 171
  • 2
  • 15
  • I had the same problem and found this when searching. In my case, I had to somehow set the ZendOAuth cURL adapter parameters, [here's how I did it](http://stackoverflow.com/a/41408933/722036). – ᴍᴇʜᴏᴠ Dec 31 '16 at 14:02

3 Answers3

1

Please see this note in the docs: http://framework.zend.com/manual/2.3/en/modules/zend.http.client.html#connecting-to-ssl-urls . You shouldn't set sslverifypeer unless the site you're connecting to doesn't have a valid SSL certificate. Instead, set sslcapath as the error suggests. This gives PHP a way of validating the SSL certificate supplied by the host you're connecting to.

Tim Fountain
  • 33,093
  • 5
  • 41
  • 69
1

This is due to your site trying to communicate with a ssl used site. If you want to use default adapterZend\Http\Client\Adapter\Socket you have to define sslcapath configuration option in order to allow PHP to validate the SSL certificate. To avoid this I used the curl adapter instead.

    $client = new Client();
    $client->setUri($endPointUrl);

    $options = array('put your options'); 

    $client->setOptions($options);
    $client->setAdapter('Zend\Http\Client\Adapter\Curl');
    $response = $client->send();

Doc : http://framework.zend.com/manual/current/en/modules/zend.http.client.html

Ruwantha
  • 2,603
  • 5
  • 30
  • 44
0

You need to set Http Client Options.

Here is the working setting:

// eko/FeedBundle and issue with ssl site -> https://github.com/eko/FeedBundle/issues/51
    $httpClientOptions = array(
        'adapter' => 'Zend\Http\Client\Adapter\Socket',
        'persistent' => false,
        'sslverifypeer' => false,
        'sslallowselfsigned' => false,
        'sslusecontext' => false,
        'ssl' => array(
            'verify_peer' => false,
            'allow_self_signed' => true,
            'capture_peer_cert' => true,
        ),
        'useragent' => 'Feed Reader',
    );
    ZendFeedReader::setHttpClient(new ZendHttpClient(null, $httpClientOptions));

Here is the NOT working setting:

// eko/FeedBundle and issue with ssl site -> https://github.com/eko/FeedBundle/issues/51
    $httpClientOptions = array(
        'adapter' => 'Zend\Http\Client\Adapter\Socket',
        'persistent' => false,
        'sslverifypeer' => false,
        'sslallowselfsigned' => true,
        'sslusecontext' => true,
        'ssl' => array(
            'verify_peer' => false,
            'allow_self_signed' => true,
            'capture_peer_cert' => true,
        ),
        'useragent' => 'Feed Reader',
    );
    ZendFeedReader::setHttpClient(new ZendHttpClient(null, $httpClientOptions));

Note: I have issue with symfony bundle eko/feedBundle that use Zend library so essentially it is the same for you.

this solution tested and proven to be working.

Dung
  • 19,199
  • 9
  • 59
  • 54