DEV Community

CoderLegion
CoderLegion

Posted on • Edited on • Originally published at kodblems.com

The openssl extension is missing, which means that secure https transfers are impossible.

🎉 Before you dive into this article...

🚀 Check out our vibrant new community at CoderLegion.com!

💡 Share your knowledge, connect with like-minded developers, and grow together.

👉 Click here to join now!

Problem :
I am trying to install Composer but I am getting the following error:

"Some settings on your machine make Composer unable to work properly. Make sure that you fix the issues listed below and run this script again:

The OpenSSL extension is missing, which means that secure HTTPS transfers are impossible. If possible you should enable it or recompile php with --with-openssl"

I have also gone into my php.ini-production and uncommented the following code: "extension=php_openssl.dll"

But still, it is not working for me, Am I missing something?

Solution :
I had also faced the same issue in the past, please follow the below approach to resolve your issue:

I doubt the "php.ini-production" is the dummy configuration file suitable for live environments. I will suggest you do a php -i at the console and also try to find the 'php.ini' path, to understand where it is expecting the ini file to be kept. It may be the case that normally it is expecting "php.ini", and it may not actually exist. If that is the case then, copy the php.ini-development (or equivalent) to the location required.

This is very near the top of actually a very long output, so you may find it redirecting it to a file helpful (php -i > C:\phpinfo.txt).

Another Solution :
I conceived "php.ini-production" is a dummy configuration file suitable for live environments. Do a php -i at the console and trace the 'php.ini' path, to view where it is expecting the ini file to be kept. This is generally expecting "php.ini", and may not really exist - in case it does not, copy php.ini-development (or same) to the location requisite.

This is near the top of (a very long) output, hence you may trace redirecting it to a file useful

php -i > C:\phpinfo.txt).
You will further require to uncomment the extension dir. For example, trace this line in your php.ini file:

;extension_dir = "ext"
Remove the semi-colon in front and save the file. I am certain this will perform.

Remember to open your php.ini Administrator mode

After altering anything in php.ini you have to restart your server, ensure that you did so first of all.

in WAMPserver edit this files:

D:\wamp\bin\php\php5.3.10\php.ini

or

D:\wamp\bin\php\php5.4.12\php.ini (based on version)

Do not employ the php.ini in the WAMP server menu. It will not perform. Go to the origin of your wamp and as defined above with D as root.

Create a php.ini (for example from php.ini-production), open it in an editor as admin (!), remove the commenting semicolon; in front of extension=php_openssl.dll, set the extension_dir accurately, and save the file. After that, it must be performed. However once again: open and edit the php.ini as admin.

In case you are employing MAMP on Windows, you require to alter the extension for php.ini-development to php.ini . After that, paste this line ;extension_dir = "ext" into the php.ini file, prior to the first extension appearing and uncommenting this other line ;extension=php_openssl.dll removing the prefixed semicolon. Remember to restart apache

A similar error happened to me. I solved it by turning off TLS for Composer, it's not safe however I considered the risk on my development machine.

Attempt this:

composer config -g -- disable-tls true
and re-run your Composer. It performs to me.

However, it's not secure and not recommended for your Server. The official website says:

In the case set to true, all HTTPS URLs will be attempted with HTTP instead and no network-level encryption is worked. Enabling this is a security risk and is NOT recommended. The better method is to enable the php_openssl extension in php.ini.

In case you don't want to enable unsecure layer in your machine/server, so setup your php to enable OpenSSL and it also performed. Ensure that the PHP Openssl extension has been installed and enable it on php.ini file.

To enable OpenSSL, add or trace and uncomment this line on your php.ini file:

Linux/OSx:

extension=php_openssl.so
Windows:

extension=php_openssl.dll
And reload your php-fpm / web-server in case reqired

For the composer reference, there are two relevant options: disable-tls and secure-http.

nano ~/.composer/config.json ...
{
"config": {
"disable-tls": true,
"secure-http": false
}
}
Thereafter it complains much:

You are running Composer with SSL/TLS protection disabled.
Warning: Accessing getcomposer.org over http which is an insecure protocol.
However, it works the composer selfupdate (or whatever).

while one cannot easily "enable SSL in the php.ini" on Linux; PHP requires to be compiled with openSSL configured as shared library - in order to be able to access it from the PHP CLI SAPI.

Hence, after inventioning and looking for a while I found that my PHP.INI obviously didn't look in the accurate directory for my PHP Extensions, so I went under:

"Directory in which the loadable extensions (modules) reside." And casting the following:

; http://php.net/extension-dir
; extension_dir = "./"
; On windows:
;extension_dir = "ext"
And easily removed the ; infront of "extension_dir = "ext", note this is just for Windows, remove the semicolon in front of the first extension_dir in case you are running a different operating system.

Top comments (0)