新环境c7、php7.4、openssl1.1.1g,再discuz里发送邮件总是报ssl连接不上
Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed in /www/a.php on line 5 Warning: fsockopen(): Failed to enable crypto in /www/a.php on line 5 Warning: fsockopen(): unable to connect to ssl://smtp.exmail.qq.com:465 (Unknown error) in /www/a.php on line 5
以上是测试结果
找了google和度娘都没有解决,说什么证书问题
最后看到个修改方法的,临时用一下
修改 source/function/function_core.php
注释原来的函数,新增以下方法
function fsocketopen($hostname, $port = 80, &$errno, &$errstr, $timeout = 15) {
$fp = '';
if(function_exists('stream_socket_client')) {
$contextOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false
)
);
$context = stream_context_create($contextOptions);
$fp = @stream_socket_client($hostname.':'.$port, $errno, $errstr, $timeout,STREAM_CLIENT_CONNECT, $context);
}
return $fp;
}
测试后可以正常放邮件,就是以后dz升级要注意下这块或者重新编译系统环境。
原文提示
一个php系统很早的了,后来把环境升级换成https与php5.6以后发现通信api不工作,通过排查发现是fsockopen函数的问题:
报错:Warning: fsockopen(): SSL operation failed with code 1. OpenSSL Error messages:error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate
解决方法法改造一下fsockopen方法:
//不验证证书
$contextOptions = array(
'ssl' => array(
'verify_peer' => false,
'verify_peer_name' => false
)
);
//如果有签名的证书
/*
$contextOptions = array(
'ssl' => array(
'verify_peer' => true,
'cafile' => '/path/to/cacert.pem',
//'CN_match' => 'xcwmoon.net', // 匹配域名
'ciphers' => 'HIGH:!SSLv2:!SSLv3',
'disable_compression' => true,
)
);
*/
$context = stream_context_create($contextOptions);
$fp = stream_socket_client("ssl://{$host}:{$port}", $errno, $errstr, $timeout, STREAM_CLIENT_CONNECT, $context);
