Topic on Extension talk:Push

Jump to navigation Jump to search
WolfgangFahl (talkcontribs)

The error:

Dateitransfer fehlgeschlagen: Authentifizierung auf https://<site>/api.php ist fehlgeschlagen. 

shows up when configured for a 1.24.1 wiki. I know that the MediaWikiApi for 1.24.1 has been changed in an unfortunate incompatible way. Since this extension is from 2011 I am wondering whether

  • SSL is the problem
  • 1.24.1 is the problem

or something else. How would I debug this situation?

Seppl2013 (talkcontribs)

@Jeroen De Dauw

with my new debugging capabilities I found out that status.errors has "SSL certificate problem:unable to get local issuer certificate".

It would be good if such errors would (may be optionally) be propagated to the push-err-authentication message

Seppl2013 (talkcontribs)
Seppl2013 (talkcontribs)

I am close to getting things fixed but unfortunately its a little messy.

So the natural attempt to add:

  1. ini_set("openssl.cafile","BITPlanValidCerts.pem")
  2. ini-set("curl.cainfo","BITPlanValidCerts.pem")

didn't work - you have to set these in the php.ini file. A curl https:// test then works

Mediawiki is different.

see also https://doc.wikimedia.org/mediawiki-core/master/php/HttpFunctions_8php_source.html getCertOptions() and

https://www.happyassassin.net/2015/01/12/a-note-about-ssltls-trusted-certificate-stores-and-platforms/

so

3. putenv("SSL_CERT_PATH=BITPlanValidCerts.pem");

looked promising - but doesn't seem to work on my PHP 5.6. environment. Even changing the PHP 5.6 version check in HttpFunctions didn't make a difference.

So a bit more debugging and I'll get back here.

Seppl2013 (talkcontribs)
Seppl2013 (talkcontribs)
Seppl2013 (talkcontribs)
Reply to "SSL or 1.24.1 problem?"