Php 5.6 has SSL connection issues, but older php vesions work fine


Enter Your Query:
Use '%' for wildcards and quotes for "exact phrases"


Top Level » SSL

Php 5.6 has SSL connection issues, but older php vesions work fineLast Modified: Dec 13, 2016, 4:04 pm
With the php 5.6 release, they've made a notable change where it now verifies SSL certificates for all connections.
http://php.net/manual/en/migration56.openssl.php

This will cause issues for many php scripts, such as the roundcube password plugin which connects to DA, or any other php scripts that connect to an https socket.

For the roundcube password plugin, and other similar connections that are affected, one solution is to ensure you're connecting to a hostname that has a valid SSL certificate on it.

A) We'll assume your hostname is

  1. The roundcube password plugin connects to https on port 2222, so you must ensure DA is running a valid certificate there.
    You can use this guide to setup a certificate on your hostname in DA on 2222, but also applies to apache and your mail servers.

  2. Next, you'll want to tell roundcube to connect to server.hostname.com instead of "localhost".
    Edit:

    /var/www/html/roundcube/plugins/password

    and set the value to be:

    $config['password_directadmin_host'] = 'ssl://server.hostname.com';



B) The other option is to disable the certificate check for php calls.  Curl can do this, and we've updated the httpsocket class to version 3.0.0 which uses curl.  To get these changes for RoundCube, type:

cd /var/www/html/roundcube/plugins/password/drivers
wget -O directadmin.php http://files1.directadmin.com/services/all/roundcube/directadmin3.php



C) Update: CustomBuild 2.0 can now download a valid cacert.pem to allow php to work normally without other changes.  If you get CustomBuild 2.0 rev 1624 or newer, you can type:

./build php_cacert

which will setup the certificate in the location of php's default cert, eg:

/usr/local/bin/php -r "if (function_exists('openssl_get_cert_locations')) echo openssl_get_cert_locations()['default_cert_file'];"

If you get no output, then you might be using php 5.5 or older.

© 2018 JBMC Software, Suite 173  3-11 Bellerose Drive, St Albert, AB  T8N 1P7  Canada.  Mon-Fri 9AM-5PM MST