php-fpm – PHP (7.1) Issue with Mail, OpenSSL, Certificate

Tags: apache-2.4, openssl, php-fpm, ssl

In the php.ini I have:

[openssl]
openssl.cafile= /etc/ssl/cert/mydomaincabundle.crt

This line allows email to be sent from PHP over SMTP by PHP applications such as WordPress, as I use the mydomain.ext certificate.

Now that I need to use Composer, I discovered that this line generates an SSL error when a PHP app like Composer tries to download data. The error is:

file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
    Now trying to download from source

If I remove the php.ini line

[openssl]
openssl.cafile= /etc/ssl/cert/mydomaincabundle.crt

this issue is solved, but I start to see all PHP mail fail, so applications like WordPress etc. are unable to send email.

How can I have mail working and also solve the PHP SSL issue?

If I remove the openssl line with the certificate, email sent with SMTP SSL will fail.

Connection: opening to ssl://domain.it:465, timeout=300, options=array ()
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): Failed to enable crypto
Connection: Failed to connect to server. Error number 2. "Error notice: stream_socket_client(): unable to connect to ssl://domain.it:465 (Unknown error)
SMTP ERROR: Failed to connect to server: (0)
SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

Thank you.


UPDATE

In php.ini I have specified to use the cafile of my domain. This made email from PHP work, and I also have no issue loading my domain.

I have an issue when I try to use Composer, as it seems PHP is using the domain certificate, which is not able to get validation.

If I remove the openssl cafile from php.ini, email from PHP stops working but Composer works fine.

Maybe I need to find where the system certificate used by PHP is when I remove the openssl line, then add the certificate content to my domain certificate; this should solve the issue.

Any idea where this certificate can be found? Do you think this will solve the issue?

https://github.com/composer/composer/issues/7797#issuecomment-440585828

Thanks for the help.

Best Answer

Solved: https://github.com/composer/composer/issues/7797#issuecomment-440680491

In CentOS the location seems to be a little bit different; see "How to add Certificate Authority in centos7?"

I found it in etc/pki/ca-trust/extracted/openssl
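
The idea raised in the question's update (adding the system CA certificates to the domain CA bundle so that one `openssl.cafile` validates both the SMTP server and Composer's downloads), as an added example that is not part of the original question or answer. The function names, file names and sample PEM blocks are constructed for illustration; pass the real system and domain bundle paths as arguments.

```shell
#!/bin/sh
# Added example: merge PEM CA bundles into a single file for openssl.cafile.

# merge_ca_bundles OUT IN1 [IN2 ...]
# Copies every distinct "BEGIN CERTIFICATE" block from the inputs to OUT,
# dropping comments, CRLF line endings and duplicates, then prints the
# number of certificates written. OUT is only replaced on success.
merge_ca_bundles() {
    out=$1; shift
    tmp="$out.tmp.$$"
    for f in "$@"; do
        [ -r "$f" ] || { echo "merge_ca_bundles: cannot read $f" >&2; return 1; }
    done
    awk '
        { sub(/\r$/, "") }
        /^-----BEGIN CERTIFICATE-----$/ { inblk = 1; blk = "" }
        inblk { blk = blk $0 "\n" }
        /^-----END CERTIFICATE-----$/ {
            if (inblk && !(blk in seen)) { seen[blk] = 1; printf "%s", blk }
            inblk = 0
        }
    ' "$@" > "$tmp" || { rm -f "$tmp"; return 1; }
    count=$(grep -c '^-----BEGIN ' "$tmp" || true)
    if [ "$count" -eq 0 ]; then
        echo "merge_ca_bundles: no certificates found" >&2
        rm -f "$tmp"
        return 1
    fi
    mv "$tmp" "$out" && echo "$count"
}

# Constructed sample data (dummy base64, not real certificates): a "system"
# bundle with two CAs and a "domain" bundle repeating one of them plus a third.
demo() {
    d=$(mktemp -d) || return 1
    pem() {
        printf '%s\n' '-----BEGIN CERTIFICATE-----' "$1" '-----END CERTIFICATE-----'
    }
    { echo "# Root A"; pem QUFBQQ==; pem QkJCQg==; } > "$d/system.crt"
    { pem QkJCQg==; pem Q0NDQw==; } > "$d/domain.crt"
    merge_ca_bundles "$d/combined.crt" "$d/system.crt" "$d/domain.crt"
    rm -rf "$d"
}
```

`php -r 'print_r(openssl_get_cert_locations());'` prints the default CA file and directory that PHP's OpenSSL build uses when `openssl.cafile` is unset, which identifies the system bundle to pass as an input. After merging, point `openssl.cafile` at the combined file and restart php-fpm.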