On 2019-10-27 22:03, Jan Ehrhardt wrote: > Your build is still linking the system OpenSSL.
Maybe, but the openssl extension is not using it. $ php -r 'echo "openssl version text: " . OPENSSL_VERSION_TEXT . "\n"; echo "openssl version number: 0x" . dechex(OPENSSL_VERSION_NUMBER) . "\n";' openssl version text: OpenSSL 1.1.1d 10 Sep 2019 openssl version number: 0x1010104f >> Not sure, if we should discuss this on the list. > Maybe not. On the other hand it might be a real bug. Somehow my builds fail > on validating > the peers. If I set $options['ssl']['verify_peer'] to FALSE in the > secure_stream_test.php > at https://gist.github.com/Jan-E/7f0055624b82c39dee6ae5b712f2c97a the > stream_socket_enable_crypto succeeds. But in a production environment you > cannot and > should not do without verifying peers. Hmm, it does not fail on my machine as you can see from the results I posted earler. But I just had an idea: The extension is very picky about having a proper ca file. I ran into similar issues a while back. Can you please try to set openssl.cafile in php.ini? I always get the latest version from http://curl.haxx.se/ca/cacert.pem Cheers, K. C. -- regards Helmut K. C. Tessarek KeyID 0x172380A011EF4944 Key fingerprint = 8A55 70C1 BD85 D34E ADBC 386C 1723 80A0 11EF 4944 /* Thou shalt not follow the NULL pointer for chaos and madness await thee at its end. */
signature.asc
Description: OpenPGP digital signature