HWIOAuthBundle - SSL certificate - symfony

I am developing a website with Symfony2 on a localhost[Wamp] running on Windows, I need for login to the sitewith HWIOAuthBundle[facebook, Google] but everytime when I click on login I get this error message:
SSL certificate problem: unable to get local issuer certificate
How I can avoid this message for the moment?

Download the file http://curl.haxx.se/ca/cacert.pem
and add this to your php.ini
curl.cainfo="path/to/your/cacert.pem"
and restart your server !
(see this answer)

download curl ca cert:
http://curl.haxx.se/ca/cacert.pem
export CURL_CA_BUNDLE="cacert.pem"

Related

curl 60 err Unable to get local issuer Ubuntu Nginx vmware

I am running a VM on Ubuntu 18.04 an using a self signed ssl certificate (openssl). I installed the CA AUthority, uploaded it to Chrome. Chrome recognizes the SSL so I am not getting and error there, I do however get a guzzle error in Symfony. I have tried editing php.ini and inputing the cacert.pem there and nothing is working. this is not a duplicate please
I am reaching out to see if anybody has run into this based on the stack above.

Wordpress cURL error 60 wordpress. How to fix it?

I use wordpress on VDS server with CyberPanel. And i use SSL certificate from Let's Encrypt. If install Health Check & Troubleshooting plugin, it show error:
cURL error 60: Peer's Certificate issuer is not recognized. and 1 of my plugin doesn't work.
How i can fix this error? Try to use CloudFlare SSL, it's don't help.

How to set up a secure connection between Filbeat and Elasticsearch using SSL

I'm unable to setup an SSL connection between Filebeat and Elasticsearch.
My knowledge is lacking when it comes to SSL. I'm using X-Pack to generate a certificate using the certutil command. bin/xpack/certutil ca generates a certificate authority under the name elastic-stack-ca.p12.
Then
$ bin/x-pack/certutil cert --ca elastic-stack-ca.p12
Which I believe creates a certificate signed by that CA. This results in the file elastic-certificates.p12. From here I'm clueless.
I tried testing to see if the certificates work by setting up a HTTPS connection to ES.
I put
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.key: /path/to/elastic-certificates.p12
xpack.security.http.ssl.certificate: /path/to/elastic-certificates.p12
xpack.security.http.ssl.certificate_authorities: [ "/path/to/elastic-stack-ca.p12" ]
However, this brings up quite a few errors one of them being
caught exception while handling client http traffic, closing connection
When I add the https IP and the CA in Kibana it fails to connect with ES.
I would like to know how to successfully set up https. Also how can a SSL connection be established between two servers. One containing Filebeat, but no X-Pack and the receiving server with ES on it alongside X-Pack installed.
After adding those SSL settings in your elasticsearch.yml, you also need to add the password to the Elasticsearch keystore and truststore. You should've set a password when you ran the certutil command. You can do that with:
$ echo password | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin xpack.security.transport.ssl.keystore.secure_password
$ echo password | /usr/share/elasticsearch/bin/elasticsearch-keystore add --stdin xpack.security.transport.ssl.truststore.secure_password
Make sure you restart Elasticsearch after making these changes.

CFHTTP does not connect over SSL connection?

I have just installed an intermediate & primary SSL certificate on my VPS. Everything is working well, except when I make a cfhttp call:
<cfhttp url="https://advert.establishmindfulness.com/ad-zone-1/?categoryid=1" method="get" result="adzone" />
<cfdump var="#adzone#" />
From https://app.establishmindfulness.com to https://advert.establishmindfulness.com. These 2 subdomains are on the same server, and I am using a wildcard SSL certificate:
*.establishmindfulness.com
That covers all sub domains.
VPS environment
OS: Windows 2008R2 with IIS7
Application server: Lucee 4.5.2.018 final
Servlet Container: Apache Tomcat/8.0.28
Java: 1.8.0_66 (Oracle Corporation) 64bit
Do I need to install the intermediate.crt & primaryssl.crt into my keystore cacerts? Is this the problem?
I tried just installing the certificate.cer that I grabbed from Internet Explorer, but maybe this is the wrong approach?
I still get the error:
Error Detail
Unknown host: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
OK. For anyone who comes across this issue, instead of having to spend several hours pulling your hair out, I managed to get the connection to work:
This is taken from the following link:
https://groups.google.com/forum/#!topic/lucee/BPm8vYdgkPQ
Thank you Dominic Watson
I've just tried this and got it working:
Log in to Lucee server admin and navigate to "SSL Certificates"
Enter your host name "establishmindfulness.com" in the Host field (without the quotes)
Hit "list" button
Hit "install" button
That's it. The cfhttp call started working.

WordPress FTP update on EC2 server

I have an AWS EC2 instance running an Ubuntu 12.04 web server that I host Wordpress on. For Wordpress to update, it's asking me to supply FTP credentials. I have set up FTP according to this post: http://stephen-white.blogspot.co.uk/2012/05/how-to-set-up-wordpress-on-amazon-ec2_31.html
But the FTP user I created (ftpuser) can't log in. WP only gives very vague errors, but I tried using FTP in the OSX terminal, which gives 'Login incorrect', but the password is definitely correct. I can FTP in using my normal username and password.
This is the content of my vsftpd.conf file (I've removed all commented out lines):
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
use_localtime=YES
xferlog_enable=YES
connect_from_port_20=YES
secure_chroot_dir=/var/run/vsftpd/empty
pasv_enable=YES
pasv_min_port=14000
pasv_max_port=14050
port_enable=YES
pasv_address=54.241.13.224
pasv_addr_resolve=NO
This is an nmap of the servers ports:
PORT STATE SERVICE
20/tcp closed ftp-data
21/tcp open ftp
22/tcp open ssh
80/tcp open http
443/tcp closed https
14000/tcp closed unknown
The /var/www (where I have Wordpress installed) folder is owned by ftpuser and this is the entry for the ftpuser in the file /etc/passwd:
ftpuser:x:1001:1001::/var/www:/sbin/nologin
I'm only an amateur server admin, so haven't a full clue of what I'm doing. Anyone have any ideas why this is happening and what needs to be done?
If you are receiving the following error message "Login incorrect" on AWS EC2:
331 Please specify the password.
Password:
530 Login incorrect.
ftp: Login failed
There is a problem with login using Shell. To overcome this there is one further step missing after the following in that Blog Post:
Add an FTP user, giving access only to the WordPress files and for additional security >ensuring the user can not open a shell:
useradd ftpuser -d /var/www/html -s /sbin/nologin
Add the following:
Add /usr/sbin/nologin on to the last line of /etc/shells file:
$ vi /etc/shells
/usr/sbin/nologin
Try logging in again using your FTP client. That's how I got it working on my instances.

Resources