Old RSS/SSL error appearing

Permalink 1 user found helpful
Getting

"Unable to enable crypto on TCP connection toshitimes.com: make sure the "sslcafile" or "sslcapath" option are properly set for the environment."

error message when adding an RSS block. using "http" or "//" does not help as it gets redired to "https".

on 8.4.0a1

This was an old issue (https://www.concrete5.org/community/forums/5-7-discussion/rss-feed-to-https-feed.-getting-error/#743515), but I never saw an answer to that problem.

FYI, changing app.php to (assuming you have certs there)

'sslcafile' => '/etc/ssl/certs/',
'sslcapath' => 'ca-certificates.crt',

and/or concrete/vendor/zendframework/zend-http/src/Client/Adapter/Socket.php

or adding

SetEnv sslcapath /etc/ssl/certs/
SetEnv sslcafile ca-certificates.crt

to apache config does not do anything

ntisithoj
 
ntisithoj replied on at Permalink Reply
ntisithoj
one way to fix is create a new feed using RSSMIX.COM. These seem to work (probably) because RSSMIX does not enforce SSL but can read SSL (but the data is not updated)
CMSDeveloper replied on at Permalink Reply
CMSDeveloper
⚠ Yeh, just revive a old ghost.
No, joking.
I'll thought this was not a problem with C5 8.3.2 and some good hoster
ntisithoj replied on at Permalink Reply
ntisithoj
anebi replied on at Permalink Reply
Hi,

I don't know if you've solved the problem, but you can edit

"./concrete/vendor/zendframework/zend-http/src/Client/Adapter/Socket.php" file and find:

/**
     * Parameters array
     *
     * @var array
     */
    protected $config = array(
        'persistent'            => false,
        'ssltransport'          => 'ssl',
        'sslcert'               => null,
        'sslpassphrase'         => null,
        'sslverifypeer'         => true,
        'sslcafile'             => null,
        'sslcapath'             => null,
        'sslallowselfsigned'    => false,
        'sslusecontext'         => false


note: there is a config called 'sslverifypeer', change that to false