lucene-solr-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bay chae <bayc...@gmail.com>
Subject php apache solr client - Solr HTTP Error 58: 'Problem with the local SSL certificate'
Date Fri, 21 Apr 2017 17:59:53 GMT
Hi,

Apologies if this is an inappropriate place to contact please redirect if this is the case.

I have successfully setup solr(6.5.0) with ssl in my dev environment and can get a proper
response using the following curl request:

curl -E ./etc/solr-ssl.keystore.p12:secret --cacert ./etc/solr-ssl.cacert.pem "https://localhost:8984/solr/mycollection/select?q=*:*&wt=json&indent=on
<https://localhost:8984/solr/mycollection/select?q=*:*&wt=json&indent=on>”

...as advised in the official solr docs: 

https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-ExampleClientActions
<https://cwiki.apache.org/confluence/display/solr/Enabling+SSL#EnablingSSL-ExampleClientActions>

I have also installed into my php environment the official php client for apache solr (2.4.0)
using pecl to install.

I have tested the client works in non-ssl mode when solr server does not force ssl on the
client.

The problem I am having is:

[21-Apr-2017 17:00:36 UTC] Solr HTTP Error 58: 'Problem with the local SSL certificate' 
#0 Controller.php(37): SolrClient->ping()

With options:

$options = array
(
    'hostname' => "localhost",
    'port'     => 8984,
    'timeout'  => 10,
    'secure'   => true,
    'path' => 'solr/mycollection',
    'ssl_cert' => SITE_ROOT . 'apps/config/solr-ssl.crt',           
    'ssl_key'  => SITE_ROOT . 'apps/config/solr-ssl.keystore.pem', 
    'ssl_keypassword' => 'secret',
     'ssl_cainfo' => SITE_ROOT . 'apps/config/solr-ssl.cacert.pem'   
);

These options while advised in the docs appear to be incompatible with example usage of curl
as advised in the case of using curl with OS X Mavericks+.

I was hoping you might able to shed some light onto the problem I am having and how I might
be able to remedy it.

As far as I am aware I have added all certs into OS X keychain with access to all applications.

Any help would be gratefully received.

Baychae
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message