Need help on SSL with Omeka 2 Importer

I can point it to the API endpoint, but I get the SSL error (ErrorException: stream_socket_enable_crypto(): SSL operation failed with code 1.) and I’m not sure how to point it to the ca files on the server. All we have is a pem file.

Both sites serve with HTTPS.

Can you share the URL of the site you’re trying to import? SSL errors like this tend to be problems with the certificates being sent by the server you’re trying to connect to, or else with the bundle of “trusted” root certificates on the server you’re connecting from.

https://omeka-dev.library.appstate.edu/

It looks like the certificate chain for that server is incomplete; it’s missing an intermediate certificate it should be sending. Typically the provider of the certificate has instructions for including any necessary intermediate certificates.

How can you see that it’s missing? I unfortunately don’t have the ability to set that up as the sysadmin folks handle that. I can see where the pem file is. Is there something with that? Sorry, I know nothing about how SSL works.

I can browse to it fine and Firefox says it’s OK.

Here’s a test result showing that the certificate chain for that site is incomplete.

Browsers tend to not have as much of a problem with this as command-line tools and server-side code like Omeka.

Awesome site. Thanks
It looks like that site is actually old and hasn’t been updated in a while- which is why they want to get all the stuff off of it.
Thanks again. I will see if it’s worth updating then try again.

It seems that server can’t be updated, but the original omeka.library.appstate.edu is up to the latest version and is giving the same error. What file needs to be referenced in Omeka-S for the importer and how should it be referenced?

Can you post the whole error you’re getting?

I can confirm the problem with the “omeka-dev” URL as we discussed before, but I don’t have an issue with the “omeka” one.

Laminas\Http\Client\Adapter\Exception\RuntimeException
Unable to enable crypto on TCP connection omeka.library.appstate.edu: make sure the “sslcafile” or “sslcapath” option are properly set for the environment.

Details:

ErrorException: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in /var/www/omeka-s/vendor/laminas/laminas-http/src/Client/Adapter/Socket.php:368 Stack trace: #0 [internal function]: Laminas\Stdlib\ErrorHandler::addError(2, ‘stream_socket_e…’, ‘/var/www/omeka-…’, 368, Array) #1 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client/Adapter/Socket.php(368): stream_socket_enable_crypto(Resource id #795, true, 57) #2 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client/Adapter/Socket.php(327): Laminas\Http\Client\Adapter\Socket->enableCryptoTransport(‘tls’, Resource id #795, ‘omeka.library.a…’) #3 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client.php(1447): Laminas\Http\Client\Adapter\Socket->connect(‘omeka.library.a…’, 443, true) #4 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client.php(947): Laminas\Http\Client->doRequest(Object(Laminas\Uri\Http), ‘GET’, true, Array, ‘’) #5 /var/www/omeka-s/modules/Omeka2Importer/src/Service/Omeka2Client.php(172): Laminas\Http\Client->send() #6 [internal function]: Omeka2Importer\Service\Omeka2Client->get() #7 /var/www/omeka-s/modules/Omeka2Importer/src/Service/Omeka2Client.php(85): call_user_func_array(Array, Array) #8 /var/www/omeka-s/modules/Omeka2Importer/src/Controller/IndexController.php(96): Omeka2Importer\Service\Omeka2Client->__call(‘get’, Array) #9 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Controller/AbstractActionController.php(77): Omeka2Importer\Controller\IndexController->mapElementsAction() #10 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(321): Laminas\Mvc\Controller\AbstractActionController->onDispatch(Object(Laminas\Mvc\MvcEvent)) #11 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(178): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure)) #12 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Controller/AbstractController.php(103): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent)) #13 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/DispatchListener.php(139): Laminas\Mvc\Controller\AbstractController->dispatch(Object(Laminas\Http\PhpEnvironment\Request), Object(Laminas\Http\PhpEnvironment\Response)) #14 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(321): Laminas\Mvc\DispatchListener->onDispatch(Object(Laminas\Mvc\MvcEvent)) #15 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(178): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure)) #16 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Application.php(331): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent)) #17 /var/www/omeka-s/index.php(21): Laminas\Mvc\Application->run() #18 {main} Next Laminas\Http\Client\Adapter\Exception\RuntimeException: Unable to enable crypto on TCP connection omeka.library.appstate.edu: make sure the “sslcafile” or “sslcapath” option are properly set for the environment. in /var/www/omeka-s/vendor/laminas/laminas-http/src/Client/Adapter/Socket.php:397 Stack trace: #0 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client/Adapter/Socket.php(327): Laminas\Http\Client\Adapter\Socket->enableCryptoTransport(‘tls’, Resource id #795, ‘omeka.library.a…’) #1 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client.php(1447): Laminas\Http\Client\Adapter\Socket->connect(‘omeka.library.a…’, 443, true) #2 /var/www/omeka-s/vendor/laminas/laminas-http/src/Client.php(947): Laminas\Http\Client->doRequest(Object(Laminas\Uri\Http), ‘GET’, true, Array, ‘’) #3 /var/www/omeka-s/modules/Omeka2Importer/src/Service/Omeka2Client.php(172): Laminas\Http\Client->send() #4 [internal function]: Omeka2Importer\Service\Omeka2Client->get() #5 /var/www/omeka-s/modules/Omeka2Importer/src/Service/Omeka2Client.php(85): call_user_func_array(Array, Array) #6 /var/www/omeka-s/modules/Omeka2Importer/src/Controller/IndexController.php(96): Omeka2Importer\Service\Omeka2Client->__call(‘get’, Array) #7 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Controller/AbstractActionController.php(77): Omeka2Importer\Controller\IndexController->mapElementsAction() #8 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(321): Laminas\Mvc\Controller\AbstractActionController->onDispatch(Object(Laminas\Mvc\MvcEvent)) #9 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(178): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure)) #10 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Controller/AbstractController.php(103): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent)) #11 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/DispatchListener.php(139): Laminas\Mvc\Controller\AbstractController->dispatch(Object(Laminas\Http\PhpEnvironment\Request), Object(Laminas\Http\PhpEnvironment\Response)) #12 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(321): Laminas\Mvc\DispatchListener->onDispatch(Object(Laminas\Mvc\MvcEvent)) #13 /var/www/omeka-s/vendor/laminas/laminas-eventmanager/src/EventManager.php(178): Laminas\EventManager\EventManager->triggerListeners(Object(Laminas\Mvc\MvcEvent), Object(Closure)) #14 /var/www/omeka-s/vendor/laminas/laminas-mvc/src/Application.php(331): Laminas\EventManager\EventManager->triggerEventUntil(Object(Closure), Object(Laminas\Mvc\MvcEvent)) #15 /var/www/omeka-s/index.php(21): Laminas\Mvc\Application->run() #16 {main}

If you have SSH/terminal access to the server your Omeka S install is running on, what happens if you try to do curl https://omeka.library.appstate.edu ?

If this also gives you an error then the problem is likely the “trusted” certificates installed on your server that need to be updated.

It gives me a text output of the html.
I can run curl https://omeka.library.appstate.edu -o output.html and see it in vim just fine.