Question posted in 
I want to upload files to NextCloud via PHP on Windows 11. I do not know PHP much but I managed to install sabre/dav via composer
Then I found on the internet simple code sample to list files.
<?php
// installed via - composer require sabre/dav
include 'vendor/autoload.php';
use SabreDAVClient;
$settings = array(
'baseUri' => 'https://cd.wedos.com/remote.php/dav/files/wedos-auth-xxxxxxxx',
'userName' => '[email protected]',
'password' => 'myPasssword'
);
$client = new Client($settings);
// Upload a file
//$upload_result = $client->request('PUT', 'test-upload.txt', 'This will be written to the txt file');
// List a folder's contents
$folder_content = $client->propFind('path/to/folder', array(
'{DAV:}getlastmodified',
'{DAV:}getcontenttype',
), 1);
But I am getting this error
PHP Fatal error: Uncaught SabreHTTPClientException: SSL certificate problem: unable to get local issuer certificate in D:dataprojectserpphpvendorsabrehttplibClient.php:327
I searched for the solution and it seems to me that I have two options
- Disable Certificate Validation – which is not recommended for security reasons. But I have no ideal how to do it anyaway. I would like to actually try because I am going to use webDAV server and PHP client within the same company
- install / import certificate
- I have no idea what certificate – from cd.wedos.com ?
- how and to where to save / import it?
Is there someone that could help me?
UPDATE1
I ran curl -v cd.wedos.com and got these results
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Unknown (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 / [blank] / UNDEF
* ALPN: server accepted h2
* Server certificate:
* subject: CN=cd.wedos.com
* start date: Jun 1 15:19:19 2024 GMT
* expire date: Aug 30 15:19:18 2024 GMT
* subjectAltName: host "cd.wedos.com" matched cert's "cd.wedos.com"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Certificate level 0: Public key type ? (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 1: Public key type ? (2048/112 Bits/secBits), signed using sha256WithRSAEncryption
* Certificate level 2: Public key type ? (4096/128 Bits/secBits), signed using sha256WithRSAEncryption
* old SSL session ID is stale, removing
So I guess the issue is that PHP cannot see / is not using certificates
2
Answers
Run composer installer that also ships with the certificates. Then use the
composer diagnosecommand to verify they are available.Then retry with the webdav PHP script. It is perhaps already solved then. If not, point to the same configuration for the PHP curl library in use. SabreWebdav also may have an option to point to the certificates, but better do for the curl extension.
As explained in this PHP.Watch article, the issue
is specific to Windows. On other OSes, curl uses the system list of root certificates:
To make it work on Windows, you can follow the instructions contained in the "Download and maintain a cacert.pem file" section:
For your target system, which is Debian, it should work out of the box.