From: Demian K. <dem...@vi...> - 2013-07-09 12:48:56
|
Regarding the configuration, there is no sslcapath configuration currently supported through VuFind's .ini files, but it would not be difficult to add - perhaps just create an [Http] section in config.ini, and have the options from there get passed directly to the HttpService via the VuFind\Http factory definition in the main VuFind module's module.config.php. If you would like to create a patch for this, I'll be happy to commit it. If you don't have time, feel free to open a JIRA ticket and paste this paragraph in, and I'll work on it when time permits. Regarding the "SSL operation failed with code 1" error, have you done any Googling of this message? I came across one thread which suggested that it may be caused by low socket timeout values in php.ini (which might explain why you are seeing the problem in PHP but not in wget). It might also be worth posting this problem to the ZF mailing list - there's been discussion in the past about SSL issues, so the solution may be on people's minds there. Good luck, and let me know if I can be of further assistance! thanks, Demian From: Joe Atzberger [mailto:jo...@bo...] Sent: Monday, July 08, 2013 8:54 PM To: vufind-tech Tech Subject: [VuFind-Tech] SSL for enhanced content I'm having trouble changing over our enhanced content code from development to production because of SSL: VuFind's (Zend) baseline clients seem unable to 'https://' w/ our server. Initially, to avoid an exception, I had to insert into module/VuFindHttp/src/VuFindHttp/HttpService.php: $client->setOptions(array('sslcapath' => '/etc/ssl/certs')); (I didn't find any "sslcapath" available. If there is a proper config file for this option, please advise.) But that wasn't a big deal. Our production webservice responds to requests like: https://api.booksite.com/poca/content_img?key=XX_joe_XX&ean=0399154868 >From the same system, I am able to successfully wget that address, for example. Excerpt from wget --debug: Initiating SSL handshake. Handshake successful; connected socket 3 to SSL handle 0x00000000019218e0 certificate: subject: /OU=Domain Control Validated/CN=*.booksite.com<http://booksite.com> issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=07969287 X509 certificate successfully verified and matches host api.booksite.com<http://api.booksite.com> But VF/Zend fails w/ exception attached below. Openssl version on the system is recent: 1.0.1e-fips 11 Feb 2013. We were already able to implement this feature in a non-Zend way, but if I can, I'd like to get it refactored to follow the project conventions before submitting upstream. --joe Exception: Message: Unable to enable crypto on TCP connection api.booksite.com:443<http://api.booksite.com:443> Backtrace: #0 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Http/Client.php(1311): Zend\Http\Client\Adapter\Socket->connect('api.booksite.co...', 443, true) #1 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Http/Client.php(848): Zend\Http\Client->doRequest(Object(Zend\Uri\Http), 'GET', true, Array, '') #2 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(425): Zend\Http\Client->send() #3 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(719): VuFind\Cover\Loader->processImageURL('https://api.boo...') #4 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(267): VuFind\Cover\Loader->booksite(NULL) #5 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(222): VuFind\Cover\Loader->fetchFromISBN() #6 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Controller/CoverController.php(78): VuFind\Cover\Loader->loadImage('073892783X', 'small', NULL) #7 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Controller/AbstractActionController.php(83): VuFind\Controller\CoverController->showAction() #8 [internal function]: Zend\Mvc\Controller\AbstractActionController->onDispatch(Object(Zend\Mvc\MvcEvent)) #9 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(472): call_user_func(Array, Object(Zend\Mvc\MvcEvent)) #10 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(207): Zend\EventManager\EventManager->triggerListeners('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #11 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Controller/AbstractController.php(117): Zend\EventManager\EventManager->trigger('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #12 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/DispatchListener.php(114): Zend\Mvc\Controller\AbstractController->dispatch(Object(Zend\Http\PhpEnvironment\Request), Object(Zend\Http\PhpEnvironment\Response)) #13 [internal function]: Zend\Mvc\DispatchListener->onDispatch(Object(Zend\Mvc\MvcEvent)) #14 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(472): call_user_func(Array, Object(Zend\Mvc\MvcEvent)) #15 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(207): Zend\EventManager\EventManager->triggerListeners('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #16 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Application.php(294): Zend\EventManager\EventManager->trigger('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #17 /usr2/atz/repos/vufind-poca/public/index.php(59): Zend\Mvc\Application->run() #18 {main} Previous exceptions: ErrorException stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:func(144):reason(134) #0 [internal function]: Zend\Stdlib\ErrorHandler::addError(2, 'stream_socket_e...', '/usr2/atz/repos...', 281, Array) #1 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Http/Client/Adapter/Socket.php(281): stream_socket_enable_crypto(Resource id #287, true, 2) #2 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Http/Client.php(1311): Zend\Http\Client\Adapter\Socket->connect('api.booksite.co...', 443, true) #3 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Http/Client.php(848): Zend\Http\Client->doRequest(Object(Zend\Uri\Http), 'GET', true, Array, '') #4 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(425): Zend\Http\Client->send() #5 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(719): VuFind\Cover\Loader->processImageURL('https://api.boo...') #6 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(267): VuFind\Cover\Loader->booksite(NULL) #7 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Cover/Loader.php(222): VuFind\Cover\Loader->fetchFromISBN() #8 /usr2/atz/repos/vufind-poca/module/VuFind/src/VuFind/Controller/CoverController.php(78): VuFind\Cover\Loader->loadImage('073892783X', 'small', NULL) #9 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Controller/AbstractActionController.php(83): VuFind\Controller\CoverController->showAction() #10 [internal function]: Zend\Mvc\Controller\AbstractActionController->onDispatch(Object(Zend\Mvc\MvcEvent)) #11 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(472): call_user_func(Array, Object(Zend\Mvc\MvcEvent)) #12 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(207): Zend\EventManager\EventManager->triggerListeners('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #13 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Controller/AbstractController.php(117): Zend\EventManager\EventManager->trigger('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #14 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/DispatchListener.php(114): Zend\Mvc\Controller\AbstractController->dispatch(Object(Zend\Http\PhpEnvironment\Request), Object(Zend\Http\PhpEnvironment\Response)) #15 [internal function]: Zend\Mvc\DispatchListener->onDispatch(Object(Zend\Mvc\MvcEvent)) #16 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(472): call_user_func(Array, Object(Zend\Mvc\MvcEvent)) #17 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/EventManager/EventManager.php(207): Zend\EventManager\EventManager->triggerListeners('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #18 /usr2/atz/repos/vufind-poca/vendor/zendframework/zendframework/library/Zend/Mvc/Application.php(294): Zend\EventManager\EventManager->trigger('dispatch', Object(Zend\Mvc\MvcEvent), Object(Closure)) #19 /usr2/atz/repos/vufind-poca/public/index.php(59): Zend\Mvc\Application->run() #20 {main} |