RE: [fw-general] SSL issue

[Demian Katz]

Bryon,

The Curl adapter was also mentioned in this blog post:

http://blog.debug.cz/2012/11/https-connections-with-zend-framework-2.html

You can set up the adapter using the [Http] section of VuFind's config.ini:

[Http]
adapter = Zend\Http\Client\Adapter\Curl
curloptions[CURLOPT_SSL_VERIFYPEER] = true
curloptions[CURLOPT_SSL_VERIFYHOST] = 2
curloptions[CURLOPT_CAINFO] = /etc/ssl/certs/ca-bundle.pem

Let me know if you still have problems -- if that doesn't make a difference, I 
remain suspicious that you may be having trouble getting values passed from 
config.ini to the VuFind code. There's a simple sanity check to test if this is 
the case: set adapter to some garbage string -- if configurations are loading 
correctly, this will cause a fatal error when the framework fails to load a 
non-existent class. If setting a bad adapter doesn't break your code, then 
there is a configuration loading problem.

- Demian

 -Original Message-
 From: Matthew Weier O'Phinney [mailto:matt...@zend.com]
 Sent: Monday, September 16, 2013 4:23 PM
 To: fw-general@lists.zend.com
 Subject: Re: [fw-general] SSL issue
 
 On Mon, Sep 16, 2013 at 11:02 AM, Bryon Czoch bcz...@uchicago.edu wrote:
  Hi all,
 
  We recently moved our Horizon server behind SSL an we are now getting this
 error in Vufind(Built on ZF) on the Record view and cant seem to figure it
 out:
 
  Message: Unable to enable crypto on TCP connection libcat.uchicago.edu: make
 sure the sslcapath option points to a valid SSL certificate directory
 
  We set sslcapath, sslverifypeer and on our FreeBSD server to no avail.
 
  This person had a similar issue:
 http://sourceforge.net/mailarchive/message.php?msg_id=31151754
 
  Any help would be appreciated,
 
 This is an issue with the underlying stream context being used to
 negotiate SSL connections. The most expedient answer, and likely best,
 is to use the Curl adapter instead of the default Stream adapter, as
 it negotiates SSL more transparently and robustly.
 
 
 
 --
 Matthew Weier O'Phinney
 Project Lead| matt...@zend.com
 Zend Framework  | http://framework.zend.com/
 PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc
 
 --
 List: fw-general@lists.zend.com
 Info: http://framework.zend.com/archives
 Unsubscribe: fw-general-unsubscr...@lists.zend.com
 

[fw-general] SSL issue

[Bryon Czoch]

Hi all,

We recently moved our Horizon server behind SSL an we are now getting this 
error in Vufind(Built on ZF) on the Record view and cant seem to figure it out:

Message: Unable to enable crypto on TCP connection libcat.uchicago.edu: make 
sure the sslcapath option points to a valid SSL certificate directory

We set sslcapath, sslverifypeer and on our FreeBSD server to no avail.

This person had a similar issue: 
http://sourceforge.net/mailarchive/message.php?msg_id=31151754

Any help would be appreciated,

Thanks,

Bryon

Re: [fw-general] SSL issue

[Matthew Weier O'Phinney]

On Mon, Sep 16, 2013 at 11:02 AM, Bryon Czoch bcz...@uchicago.edu wrote:
 Hi all,

 We recently moved our Horizon server behind SSL an we are now getting this 
 error in Vufind(Built on ZF) on the Record view and cant seem to figure it 
 out:

 Message: Unable to enable crypto on TCP connection libcat.uchicago.edu: make 
 sure the sslcapath option points to a valid SSL certificate directory

 We set sslcapath, sslverifypeer and on our FreeBSD server to no avail.

 This person had a similar issue: 
 http://sourceforge.net/mailarchive/message.php?msg_id=31151754

 Any help would be appreciated,

This is an issue with the underlying stream context being used to
negotiate SSL connections. The most expedient answer, and likely best,
is to use the Curl adapter instead of the default Stream adapter, as
it negotiates SSL more transparently and robustly.



-- 
Matthew Weier O'Phinney
Project Lead| matt...@zend.com
Zend Framework  | http://framework.zend.com/
PGP key: http://framework.zend.com/zf-matthew-pgp-key.asc

-- 
List: fw-general@lists.zend.com
Info: http://framework.zend.com/archives
Unsubscribe: fw-general-unsubscr...@lists.zend.com