Local development: SSL/crypto

Created on 27 February 2024, about 1 year ago

Problem/Motivation

When developing locally and self-signed certs are used the following warnings are thrown and file download fails:

Warning: file_get_contents(https://xyz.local/sites/default/files/featured/xyz.jpg): Failed to open stream: operation failed in Drupal\single_content_sync\Plugin\SingleContentSyncFieldProcessor\FileAsset->importFieldValue() (line 174 of /modules/contrib/single_content_sync/src/Plugin/SingleContentSyncFieldProcessor/FileAsset.php)

Warning: file_get_contents(): Failed to enable crypto in Drupal\single_content_sync\Plugin\SingleContentSyncFieldProcessor\FileAsset->importFieldValue() (line 174 of /modules/contrib/single_content_sync/src/Plugin/SingleContentSyncFieldProcessor/FileAsset.php)

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in Drupal\single_content_sync\Plugin\SingleContentSyncFieldProcessor\FileAsset->importFieldValue() (line 174 of /modules/contrib/single_content_sync/src/Plugin/SingleContentSyncFieldProcessor/FileAsset.php)

Steps to reproduce

- export/import a node with images as media attached within local development with self-signed certificates

Proposed resolution

- add dev-only setting to ignore ssl verification
- similar solution exists on drupal/entity_print project (https://git.drupalcode.org/project/entity_print/-/blob/8.x-2.x/config/sc...)

Remaining tasks

create MR:

          $ignore_ssl = $this->configuration['ignore_ssl'];
          if ($ignore_ssl) {
            $options = [
            "ssl" => [
              "verify_peer" => FALSE,
              "verify_peer_name" => FALSE,
              ],
            ];

            $context = stream_context_create($options);
            $data = file_get_contents($file_item['url'], FALSE, $context);
          }
          else {
            $data = file_get_contents($file_item['url']);
          }

User interface changes

update to config form to include new configuration flag

API changes

add new configuration flag 'ignore ssl'

Data model changes

new configuration flag

✨ Feature request

Status

Active

Version

1.4

Component

Code

Created by

🇦🇺Australia jannakha Brisbane!

Live updates comments and jobs are added and updated live.

Merge Requests

!157Local development: SSL/crypto
Open
🇺🇸United States tetranz
updated 4 days ago

Comments & Activities

Issue created by @jannakha
Comment about 1 year ago →
🇦🇺Australia jannakha Brisbane!
Issue was unassigned.
Status changed to Closed: works as designed about 1 year ago7:37am 27 February 2024
Comment about 1 year ago →
🇺🇦Ukraine abramm Lutsk
I don't think this is a module issue.

As an alternative, try using a development environment that correctly handles the installation of self-signed certificates, like ddev.
First commit to issue fork.
Merge request !157Issue #3423945: Ignore SSL cert verification on configured hosts. → (Open) created by tetranz
Comment 4 days ago →
🇺🇸United States tetranz
I reopened this and created a MR. I think it is a useful feature for those who know what they're doing and are aware of the security implications.
Pipeline finished with Success
4 days ago
Total: 173s
#465772
Comment 1 day ago →
🇺🇸United States tetranz

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024