SSL Error? - PHP

Th3_Integrity · November 4, 2015, 5:47pm

SO, I’m just testing out the waters with this new API with PHP on hostgator.

I’ve more or less copied and pasted the code from the example code they provide. And received this error

Fatal error: Uncaught <table style=“border: 1px” cellspacing=“0”> <tr><td colspan=“3” style=“background: #ff9999”> HTTP_Request2_ConnectionException: Unable to connect to ssl://www.haloapi.com:443. Error: stream_socket_client(): unable to connect to ssl://www.haloapi.com:443 (Unknown error) stream_socket_client(): Failed to enable crypto stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /opt/php54/lib/php/HTTP/Request2/Adapter/Socket.php on line 324</td></tr> <tr><td colspan=“3” style=“background-color: #aaaaaa; text-align: center; font-weight: bold;”>Exception trace</td></tr> <tr><td style=“text-align: center; background: #cccccc; width:20px; font-weight: bold;”>#</td><td style=“text-align: center; background: #cccccc; font-weight: bold;”>Function</td><td style=“text-align: center; background: #cccccc; font-weight: bold;”>Location</td></tr> <tr><td style=“text-align: center;”>0</td><td in/opt/php54/lib/php/HTTP/Request2/SocketWrapper.php on line 116

Bolded part is the more important part, I’ve never handled ssl connections before, but i’m pretty sure it has something to do with certificates and SSL layers, just unsure how to go about this.

I could google this, but I’m just wondering if anyone else here know of this very specific problem?

Vubzy · November 4, 2015, 6:54pm

Are you using curl as the adapter for the HTTP Request? Googling the main error without haloapi portions will lead you to more details. It’s definitely not related to just the halo api.

Th3_Integrity · November 4, 2015, 7:08pm

I basically wrote this

<?php
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
require_once ‘HTTP/Request2.php’;
$request = new Http_Request2(‘https://www.haloapi.com/stats/h5/servicerecords/arena?players=the 2gre’);
$url = $request->getUrl();
$headers = array(
// Request headers
‘Ocp-Apim-Subscription-Key’ => ‘{subscription key}’,
);
$request->setHeader($headers);
$parameters = array(
// Request parameters
);
$url->setQueryVariables($parameters);
$request->setMethod(HTTP_Request2::METHOD_GET);
// Request body
$request->setBody("{body}");
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>

I know for sure it’s not a HaloAPI problem, but pretty sure it’s to do with ssl and certs.

mouse091 · November 4, 2015, 7:13pm

I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.

Th3_Integrity · November 4, 2015, 7:17pm

> 2533274792173269;4:
> I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.

Is there a tutorial out there you recommend I could follow to do all that?

mouse091 · November 4, 2015, 7:26pm

> 2533274828936345;5:
> > 2533274792173269;4:
> > I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.
>
>
> Is there a tutorial out there you recommend I could follow to do all that?

Not 100% sure on this (been a while since I’ve used PHP) but try downloading the .pem file from that link, put it in the same folder as your .php files, then add this underneath your setMethod line:
$request->setConfig(‘ssl_cafile’, dirname(FILE). ‘/cacert.pem’);

Th3_Integrity · November 4, 2015, 7:47pm

> 2533274792173269;6:
> > 2533274828936345;5:
> > > 2533274792173269;4:
> > > I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.
> >
> >
> > Is there a tutorial out there you recommend I could follow to do all that?
>
>
> Not 100% sure on this (been a while since I’ve used PHP) but try downloading the .pem file from that link, put it in the same folder as your .php files, then add this underneath your setMethod line:
> $request->setConfig(‘ssl_cafile’, dirname(FILE). ‘/cacert.pem’);

It works perfectly, thanks…
Now i just need to figure out, why i’m getting a 404 when searching my own arena service profile.

Works when i search CSR designation though

mouse091 · November 4, 2015, 7:51pm

> 2533274828936345;7:
> > 2533274792173269;6:
> > > 2533274828936345;5:
> > > > 2533274792173269;4:
> > > > I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.
> > >
> > >
> > > Is there a tutorial out there you recommend I could follow to do all that?
> >
> >
> > Not 100% sure on this (been a while since I’ve used PHP) but try downloading the .pem file from that link, put it in the same folder as your .php files, then add this underneath your setMethod line:
> > $request->setConfig(‘ssl_cafile’, dirname(FILE). ‘/cacert.pem’);
>
>
> It works perfectly, thanks…
> Now i just need to figure out, why i’m getting a 404 when searching my own arena service profile.
>
> Works when i search CSR designation though

The solution here: https://www.halowaypoint.com/en-us/forums/01b3ca58f06c4bd4ad074d8794d2cf86/topics/problem-getting-service-records/4837e7d7-508e-41df-a6f4-903e03ae897b/posts should help with the 404

Th3_Integrity · November 4, 2015, 7:57pm

> 2533274792173269;8:
> > 2533274828936345;7:
> > > 2533274792173269;6:
> > > > 2533274828936345;5:
> > > > > 2533274792173269;4:
> > > > > I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.
> > > >
> > > >
> > > > Is there a tutorial out there you recommend I could follow to do all that?
> > >
> > >
> > > Not 100% sure on this (been a while since I’ve used PHP) but try downloading the .pem file from that link, put it in the same folder as your .php files, then add this underneath your setMethod line:
> > > $request->setConfig(‘ssl_cafile’, dirname(FILE). ‘/cacert.pem’);
> >
> >
> > It works perfectly, thanks…
> > Now i just need to figure out, why i’m getting a 404 when searching my own arena service profile.
> >
> > Works when i search CSR designation though
>
>
> The solution here: https://www.halowaypoint.com/en-us/forums/01b3ca58f06c4bd4ad074d8794d2cf86/topics/problem-getting-service-records/4837e7d7-508e-41df-a6f4-903e03ae897b/posts should help with the 404

I solved myself, got rid of the redundant code, and i got a response.
lol thank you very much

AssaultCommand · November 7, 2015, 2:03pm

> 2533274792173269;6:
> > 2533274828936345;5:
> > > 2533274792173269;4:
> > > I think you need to provide a CA bundle (from here: http://curl.haxx.se/docs/caextract.html) using the parameter ‘ssl_cafile’ in your config. The other option is to disable the SSL peer verification but wouldn’t recommend that route.
> >
> >
> > Is there a tutorial out there you recommend I could follow to do all that?
>
>
> Not 100% sure on this (been a while since I’ve used PHP) but try downloading the .pem file from that link, put it in the same folder as your .php files, then add this underneath your setMethod line:
> $request->setConfig(‘ssl_cafile’, dirname(FILE). ‘/cacert.pem’);

Was having the same issue as OP and this solved it for me as well, thanks dude