Search code examples
phpapacheopenssl

OPENSSL file_get_contents(): Failed to enable crypto

I'm building a personal stock platform (not distributed). A component I would like to have is the EPS graph on this page:

https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes

As you can see, the page is https, so after days of hammering things out, I enabled openssl and now it seems to work for all https pages such as the homepages of facebook and twitter, however it is still not working for the one I need.

file_get_contents('https://facebook.com'); /* works */
file_get_contents('https://twittercom'); /* works */
file_get_contents('https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes');

I'm getting the warning:

Warning: file_get_contents(): SSL: crypto enabling timeout in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(): Failed to enable crypto in C:\xampp\htdocs\index.php on line 3
Warning: file_get_contents(https://eresearch.fidelity.com/eresearch/evaluate/fundamentals/earnings.jhtml?stockspage=earnings&symbols=AAPL&showPriceLine=yes): failed to open stream: operation failed in C:\xampp\htdocs\index.php on line 3
Fatal error: Maximum execution time of 30 seconds exceeded in C:\xampp\htdocs\index.php on line 3

The only difference I can see is that the fidelity page has a triangle near the https label.

fidelity https label

Solution

  • Ok I have found a solution. The problem is that the site uses SSLv3. And I know that there are some problems in the openssl module. Some time ago I had the same problem with the SSL versions.

    <?php
function getSSLPage($url) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_SSLVERSION,3); 
    $result = curl_exec($ch);
    curl_close($ch);
    return $result;
}

var_dump(getSSLPage("https://eresearch.fidelity.com/eresearch/evaluate/analystsOpinionsReport.jhtml?symbols=api"));
?>

    When you set the SSL Version with curl to v3 then it works.

    Edit:

    Another problem under Windows is that you don't have access to the certificates. So put the root certificates directly to curl.

    http://curl.haxx.se/docs/caextract.html

    here you can download the root certificates.

    curl_setopt($ch, CURLOPT_CAINFO, __DIR__ . "/certs/cacert.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);

    Then you can use the CURLOPT_SSL_VERIFYPEER option with true otherwise you get an error.