** Changed in: openssl (Ubuntu) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/592442
Title: fopen fails on some SSL urls Status in php: Unknown Status in openssl package in Ubuntu: Won't Fix Status in php5 package in Ubuntu: Fix Released Bug description: Binary package hint: php5 Description: Ubuntu 10.04 LTS Release: 10.04 php5: Installed: 5.3.2-1ubuntu4.2 Candidate: 5.3.2-1ubuntu4.2 Version table: *** 5.3.2-1ubuntu4.2 0 500 http://archive.ubuntu.com/ubuntu/ lucid-updates/main Packages 100 /var/lib/dpkg/status 5.3.2-1ubuntu4 0 500 http://archive.ubuntu.com/ubuntu/ lucid/main Packages For some reason I can't seem to get the following to work. I suspect a SSL problem. Maybe the intermediate SSL cert is not being recognized properly? The server cert is signed by geotrust (which is an intermediate of equifax[1]). I put the following in a file called /tmp/fopen.php: <?php if (fopen("https://www.google.com","r")) { print "www.google.com worked\n"; } if (fopen("https://cas.ucdavis.edu","r")) { print "cas.ucdavis.edu worked\n"; } ?> Then I run the php via an apache web and/or via the php5-cli (the results are the same in both cases): $ php /tmp/fopen.php www.google.com worked PHP Warning: fopen(): SSL operation failed with code 1. OpenSSL Error messages: error:140773F2:SSL routines:func(119):reason(1010) in /tmp/fopen.php on line 3 PHP Warning: fopen(): Failed to enable crypto in /tmp/fopen.php on line 3 PHP Warning: fopen(https://cas.ucdavis.edu): failed to open stream: operation failed in /tmp/fopen.php on line 3 $ When I run the above command on a karmic or jaunty machine it works fine for both fopen() calls. I've attached a tcpdump of the above script. As you can see from the dump, Google is working but my server is not. I get an SSL alert packet (packet #29) back with code 10 (unexpected message). Maybe this is an intermediate cert verification problem? What is funny is that I get an ACK right before that. It seems like maybe the server is sending an ACK, client starts talking, server isn't ready and sends an out-of-order message. Scott ----------- [1] https://www.geotrust.com/resources/root-certificates/index.html To manage notifications about this bug go to: https://bugs.launchpad.net/php/+bug/592442/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp