公司有台老服务器,搭的php的环境,有个负载均横的服务 调用 curl_init 的时候报了 Problem with the SSL CA cert (path? access rights?) 网上各种脑补
yum install ca-certificates yum reinstall ca-certificates
当我用 rpm -V ca-certificates 这个命令时的确没有输出
[root@app1 certs]# rpm -V ca-certificates [root@app1 certs]# ls Makefile ca-bundle.crt ca-bundle.trust.crt cacert.pem make-dummy-cert renew-dummy-cert [root@app1 certs]# mv ca-bundle.crt.bak mv: missing destination file operand after `ca-bundle.crt.bak' Try `mv --help' for more information. [root@app1 certs]# mv ca-bundle.crt ca-bundle. ca-bundle.crt ca-bundle.trust.crt [root@app1 certs]# mv ca-bundle.crt ca-bundle.crt.bak [root@app1 certs]# ls Makefile ca-bundle.crt.bak ca-bundle.trust.crt cacert.pem make-dummy-cert renew-dummy-cert [root@app1 certs]# mv cacert.pem ca-bundle.crt [root@app1 certs]# rpm -V ca-certificates S.5....T. c /etc/pki/tls/certs/ca-bundle.crt
一阵命令如虎的操作,显示出来了
最后重启了一下 php-fpm
[root@app1 certs]# service php-fpm restart Restarting php-fpm daemon: php-fpm[19-Feb-2019 14:27:26] ERROR: unable to bind listening socket for address '10.47.97.153:9000': Address already in use (98) [19-Feb-2019 14:27:26] ERROR: FPM initialization failed already running.
发现报错了子,心都是慌的,这个大概是把 php-fpm 进程给干掉,然后 nginx 自动会启新的 php-fpm ,刷一变报502,刷2变就正常了
到此问题解决了,突然还是发现 docker 好,至少镜像出了问题,可以在镜像里面解决.
分别参考:
https://stackoverflow.com/questions/15135834/php-curl-curlopt-ssl-verifypeer-ignored#comment78570660_15237205
https://www.centos.org/forums/viewtopic.php?t=3711