Php (4.4) configured to open secure URLs (https)?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I use apache, Php and MySql on my Windows XP machine at home.  I have  
been doing so successfully now for a long time.  However, I am now  
trying to use fopen to open secure URLs (https) and having no luck.  I  
have installed openssl and enabled the extension (phpinfo says so,  
too).  But still it does not work.

I now realize that I need to have https and ftps as registered streams,  
Registered PHP Streams     php, http, ftp, https, ftps, compress.zlib
(from phpinfo at my hosting provider)

When I run phpinfo on my version of Php (which I just downloaded from it says,
Registered PHP Streams     php, http, ftp, compress.zlib

I've been reading forum posts saying to compile Php with  
"--with-openssl in your ./configure

Well, I do not compile Php from source (don't even have a C compiler).  
I always download binaries (like that I downloaded  
today from

How do I get a binary that was compiled with openssl in the configure  
command?  Or if I am misunderstanding something here, what is is that I  
need to do?

Thanks in Advance,

 Chuck Anderson • Boulder, CO
 Integrity is obvious.
 The lack of it is common.

Re: Php (4.4) configured to open secure URLs (https)?

Quoted text here. Click to load it

Within the extensions folder you should see a php_openssl.dll
Also you should go to the openssl folder and read the README-SSL.txt  
file.  That file tells you how to implement it correctly within a  
windows environment (which sometimes includes setting environment variables)

Mike Willbanks
Zend Certified Engineer

Re: Php (4.4) configured to open secure URLs (https)?

Mike Willbanks wrote:

Quoted text here. Click to load it
Yep. And I uncommented that line in php.ini. (extension=php_openssl.dll)

Quoted text here. Click to load it
Thanks for the help. I don't see any such file, however ......

..... I installed a compiled binary .... Win32OpenSSL-v0.9.8.exe ....
... that I got from the Shining Light Productions site (a link from

In the help file (.chm for Windows) it says that I can uninstall it if I  
do not plan on developing any apps that incorporate the SSL library and  
it will leave the needed dlls in the Windows/system folder.

I understand that from what I've done, SSL should be properly installed  
(I can use openssl from the command line) , however, Php still does not  
show https and ftps as registered streams and I can not use fopen on  
secure URLs.

Quoted text here. Click to load it
I have found nothing about setting environment variables. ?? Do I need  
to do something more in php (php.ini) or in Apache httpd.conf?

 Chuck Anderson • Boulder, CO
 Integrity is obvious.
 The lack of it is common.

Re: Php (4.4) configured to open secure URLs (https)?


Quoted text here. Click to load it

This is what is contained in the readme-ssl.txt file (php4):

To use the CSR and key generation functions from PHP, you will need to  
an openssl.cnf file.  We have included a sample file that can be used  
for this
purpose in this folder alongside this readme file.

The default path for the openssl.cnf file is determined as follows:

OPENSSL_CONF environmental variable, if set, is assumed to hold the
path to the file.

If it is not set, SSLEAY_CONF environmental variable is checked next.
If neither are set, PHP will look in the default certificate area that  
was set
at the time that the SSL DLLs were compiled.  This is typically

If the default path is not suitable for your system, you can set the
OPENSSL_CONF variable; under windows 95 and 98 you can set this variable in
your autoexec.bat (or the batch file that starts your webserver/PHP).
Under NT, 2000 and XP you can set environmental variables using "My  

If setting an environmental var is not suitable, and you don't want to  
the config file at the default location, you can override the default path
using code like this:

$configargs = array(
     "config" => "path/to/openssl.cnf"

$pkey = openssl_pkey_new($config);
$csr = openssl_csr_new($dn, $pkey, $config);

Please consult the online manual for more information about these functions.


Windows Explorer gives special meaning to files with a .cnf extension.
This typically means that editing the file from the explorer (by double or
right-clicking) will be difficult or impossible depending on your setup.
It is often easier to open the file from within the editor.
You can avoid this issue by naming the file something else (you might  
need to
rename the file using a DOS box) and then setting up an environmental  
as described above.

Mike Willbanks
Zend Certified Engineer

Re: Can not get Php (4.4 - Windows) configured to open secure URLs (https)

Thanks for getting back again, Mike.

Quoted text here. Click to load it
The compiled binary installer for openSSL did set this environment variable.

I'm really stumped here. I seem to have everything I need to get Php to  
allow me to open https streams, but it is just not happening.

I downloaded and installed the latest Php4 for Windows from and  
it is working. If I call get_loaded_extensions, I see:

[0] => standard
[1] => bcmath
[2] => calendar
[3] => ctype
[4] => com
[5] => ftp
[6] => mysql
[7] => odbc
[8] => overload
[9] => pcre
[10] => session
[11] => tokenizer
[12] => xml
[13] => wddx
[14] => zlib
[15] => apache
[16] => curl
[17] => gd
[18] => mhash
[19] => openssl

So the openssl extension is loaded.

The Windows environment variable OPENSSL_CONF is set to  
C:\OpenSSL\bin\openssl.cnf (and that is where I have installed OpenSSL.  
The two necessary dll files are in my Windows/System32 folder  
(libeay32.dll and ssleay32.dll).

And lastly - running php -m (show compiled in modules) from a command  
prompt displays:

[PHP Modules]

So the openssl module is compiled in my copy of Php.

Still, when I do Phpinfo, I get:
Registered PHP Streams - php, http, ftp, compress.zlib

No https and no ftps.

I have run Php as CGI and as an Apache module and it makes no difference.

I can not find anything else to check (open_basedir is not set), so  
...... I am stumped.

I can not get https and ftps to be registered streams and it appears  
that I have done everything needed to do so. ??

 Chuck Anderson • Boulder, CO
 Integrity is obvious.
 The lack of it is common.

Site Timeline