Request for help with fsockopen

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hi all,
I'm having a problem with fsockopen function, I'm programming with php
4.3 and need to do an HTTP POST over secure socket, ssl, here's my

$context = stream_context_create();
$result = stream_context_set_option($context, 'ssl', 'local_cert',
$result = stream_context_set_option($context, 'ssl', 'passphrase',

$sock = fsockopen("ssl://myhost", 443 , $errno, $errstr, 30, $context);
if (!$sock) die("$errstr ($errno)\n");

I get this error when trying to run this code:
Warning: fsockopen(): Unable to set local cert chain file
`/certificate/cert.pem'; Check that your cafile/capath settings include
details of your certificate and its issuer in /path/to/file.php on line

Dunno what to do, I thought there's something wrong in my certificate
but couldn't find any real explanation on google or php site, If anyone
can help, it would be much appreciated.

Re: Request for help with fsockopen

Quoted text here. Click to load it

 Just to rule out the easy ones first: do you really have a /certificate
directory at the root directory of the filesystem of your server? Remember,
that parameter is not a relative URL.

 There's a couple of hits on Google too, particularly one in a user note on the
SOAP part of the manual - is that any help?

Andy Hassall :: :: :: disk and FTP usage analysis tool

Re: Request for help with fsockopen

hi, thakyou for reply, here's what I discovered:

Quoted text here. Click to load it

No, I really don't have a /certificate at root, I was using absolute
path, but in reality it is a relative path and it does have the cert in
pem format.

Quoted text here. Click to load it

Unfortunately not, but I did find a resolution by adding these two
lines of code that add some option parameters to the stream:

$result = stream_context_set_option($context, 'ssl',
'allow_self_signed', true);
$result = stream_context_set_option($context, 'ssl', 'verify_peer',

This way I should accept a certificate self_signed by CA and I don't
verify it. Kinda unsafe but works well.


Site Timeline