Fix for WSL Ubuntu: Error 60 with cURL and Composer #1260
its-leofisher
started this conversation in
General
Replies: 1 comment
-
Another similar issue appeared when running npm install so needed to add the cert file to npm.
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
I wanted to share this for those of you behind a firewall/vpn, that you can't easily disable and in my case Zscaler on Windows using WSL Ubuntu. I was receiving "curl error 60" when running
bin/start
andbin/composer update
. I had help from issue #930 but wasn't able to get it to work for me due to a few minor steps.If you are using WSL for the first time you may also need to perform similar steps for your Ubuntu host so its about 3 levels of configuration. Key point is that I believe
bin/start
error is running as a OS level cURL command andbin/composer
update is running the curl extension through PHP.No other steps of downloading a pem from https://curl.se/docs/caextract.html works. It has to be the certificate generated from Zscaler, one other reminder is that the .cer file generated in the following steps is under the hood a .pem file. So it should be named
cacert.pem
to match default configurations of the OS level cURL. For PHP cURL at a later step it should be namedcert.pem
.The Levels:
The Errors:
Errors returned when running
bin/start
or to testbin/root curl -v https://www.google.com
Error returned when running
bin/composer update
The Steps
Step 0: Generating .cer from Zscaler
These are the steps for Windows users to generate the .cer from Zscaler, slightly modified from this Stack Overflow
Make sure the file name is
cacert.pem
Step 1: Copy
cacert.pem
from\src
to containerBelow command places it in the containers
/var/www/html
location, it also sets ownership and permissions for you... 🙌 @markshust.bin/copytocontainer cacert.pem
Step 2: For Container OS Level cURL:
Copy it from
/var/www/html
to/etc/ssl/certs/
withbin/root cp /var/www/html/cacert.pem /etc/ssl/certs/
For sanity check:
bin/root ls /etc/ssl/certs
Step 3: For Container PHP cURL:
Copy it with:
bin/root cp /etc/ssl/certs/cacert.pem /usr/lib/ssl/cert.pem
/usr/lib/ssl
Step 4: Now test
Curl command
bin/root curl -v https://www.google.com
. Error is gone, just a bunch of source code!composer with
bin/composer update
. Error no longer exists!Step 5: Automate
After all the above steps, and with some understanding on whats going on, this can be automated which is WIP
That's it now go develop stuff.
Reference:
Os Level cURL cert location:
/etc/ssl/certs/cacert.pem
PHP level cert location:
/usr/lib/ssl/cert.pem
Windows zscaler certificate steps: https://serverfault.com/a/1157586/239509
Issue that helped with this write up: #930
Additional Notes:
You may need to run these commands in your WSL:
sudo apt-get install ca-certificates
bin/root update-ca-certificates
Errors
OC SHIM error
Thrown when running
bin/start
:First read the error thoroughly, make sure the file its referencing actually exists in the directory its looking under.
As a complete refresh run
bin/remove
and runbin/start
againThis may be caused by not stopping containers before re-starting
Beta Was this translation helpful? Give feedback.
All reactions