By Ilario Engler


2015-11-21 23:31:03 8 Comments

I'm using Google reCaptcha for my webpage.

In testing mode everything works fine. No SSL.

When I test my webpage in production environment the following errors occures:

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68

Warning: file_get_contents(): Failed to enable crypto in /vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68

Warning: file_get_contents(https://www.google.com/recaptcha/api/siteverify): failed to open stream: operation failed in /vendor/google/recaptcha/src/ReCaptcha/RequestMethod/Post.php on line 68
["invalid-json"]

I'm calling the reCaptcha API like this:

<script src="https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit"
                async defer></script>

as described on the developer page from google.

I'm hosting my webpage at hoststar.ch. There is TSL 1.2 running.

I hope somebody could help me.

2 comments

@Nabil Mohammed Nalakath 2018-05-14 12:06:30

Change file_get_contents to curl. Here is the code,

Change-

$verify=file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret={$secret}&response={$response}");
 $captcha_success=json_decode($verify);  /*store json response*/

To this code :

$ch = curl_init("https://www.google.com/recaptcha/api/siteverify?secret={$secret}&response={$response}");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$verify = curl_exec($ch);

$captcha_success=json_decode($verify);  /*store json response*/

Please note $secret is the secret key stored on server side and $response is the recaptcha response send through post from front end.

@RamRaider 2015-11-22 08:42:33

In response to your last comment I realise you cannot change Google's reCaptcha api - what I meant was simply to do a file_get_contents actually on example.com ( it does exist ) as a test to see if you can retrieve any content using that method as some webhosts disable the associated functionality.

However, with respect to the Google reCatcha API you might need to specify additional parameters to the file_get_contents function call, notably setting the context options specifically for SSL.

$secret = 'Your google secret';
$captcha = trim( $_POST['g-recaptcha-response'] );
$ip = $_SERVER['REMOTE_ADDR'];
$url = "https://www.google.com/recaptcha/api/siteverify?secret={$secret}&response={$captcha}&remoteip={$ip}";

$options=array(
    'ssl'=>array(
        'cafile'            => '/path/to/cacert.pem',
        'verify_peer'       => true,
        'verify_peer_name'  => true,
    ),
);
$context = stream_context_create( $options );
$res=json_decode( file_get_contents( $url, FILE_TEXT, $context ) );
if( $res->success ){/* all good */}
else{ /* captcha failed */ }

If you don't already have a copy of cacert.pem or ca-bundle.crt you can download them from their respective links. The path to the cafile can use either - save a copy to your host and correct the path to suit your environment.

@Ilario Engler 2015-11-22 15:21:57

change the arrayname from http to ssl and adding the cert locally made it work, thank you .. look over at my next question about pass the params with a POST request ... stackoverflow.com/questions/33856354/…

Related Questions

Sponsored Content

16 Answered Questions

2 Answered Questions

[SOLVED] SSL Error at Composer Install

9 Answered Questions

[SOLVED] SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

  • 2015-08-25 18:19:53
  • clarkk
  • 133712 View
  • 43 Score
  • 9 Answer
  • Tags:   php apache openssl

2 Answered Questions

[SOLVED] Google reCaptcha with php validation

1 Answered Questions

SSL operation failed with code 1. OpenSSL Error messages:

2 Answered Questions

Sponsored Content