4

I'm including svg files in my site using file_get_contents(). Normally this works fine on http, but I setup this site to use https locally. When I do I get this error: 

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed on line 226

Warning: file_get_contents(): Failed to enable crypto on line 226

From what I can tell, it's because the cert is self signed. I found a local solution of disabling the SSL check on file get contents. I found something similar using cURL. However this seems to be a security hole. Is there a way to make this work without disabling SSL checks in file_get_contents or cURL?

Neodan
  • 5,154
  • 2
  • 27
  • 38
paper_robots
  • 251
  • 2
  • 15

2 Answers2

2

You need allow to use a self-signed certificate. For that you need to define a custom stream context.

Example:

file_get_contents(
    'https://self-signed.badssl.com/',
    false,
    stream_context_create([
        'ssl' => [
            'allow_self_signed'=> true
        ]
    ])
);
Neodan
  • 5,154
  • 2
  • 27
  • 38
  • Would you have an answer to the author's question "Is there a way to make this work without disabling SSL checks in file_get_contents" ? – Sebastien Mar 08 '19 at 00:06
  • 1
    Updated the answer, now it just allows to use self-signed certificates. In another way, OP shouldn't use a self-signed certificate. – Neodan Mar 13 '19 at 09:31
0

You might also try upgrading your version of MAMP. This worked for me. I was two releases behind on MAMP while running it on MacOS Catalina and ran into a similar SSL error and finally solved it by just upgrading MAMP after wasting lots of time reading various Stackoverlow threads for a solution to no avail.

Bob Kennedy
  • 11
  • 1