执行错误" ListBuckets" on" https://s3-us-west-2.amazonaws.com/:这个错误的原因是什么?

时间:2016-01-12 14:06:51

标签: php amazon-web-services amazon-s3 amazon-ec2

当我尝试列出buckets时,我收到以下php错误:

( ! ) Fatal error: Uncaught exception 'Aws\S3\Exception\S3Exception' with message 
'Error executing "ListBuckets" on "https://s3-us-west-2.amazonaws.com/";
AWS HTTP error: cURL error 60: SSL certificate problem: unable to get 
local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)' in 
C:\wamp\www\Web_Projects\aws\Aws\WrappedHttpHandler.php on line 159

( ! ) Aws\S3\Exception\S3Exception: Error executing "ListBuckets" on 
"https://s3-us-west-2.amazonaws.com/"; AWS HTTP error: cURL error 60: SSL 
certificate problem: unable to get local issuer certificate (see 
http://curl.haxx.se/libcurl/c/libcurl-errors.html) in 
C:\wamp\www\Web_Projects\aws\Aws\WrappedHttpHandler.php on line 159
Call Stack

我正在尝试的代码:

<?php
    error_reporting(1);

    require 'aws-autoloader.php';
    use Aws\S3\S3Client;


    $options = [
        'region'            => 'us-west-2',
        'version'           => 'latest',
        'credentials' => [
            'key'    => 'AKXXXXXXLPPHXXXXXXXXXPA',
            'secret' => 'a/b/c+d',
        ]
    ];

    $s3Client = new S3Client($options);
    $s3Client->listBuckets();

?>

我收到上述错误的原因是什么?

1 个答案:

答案 0 :(得分:0)

这些错误指的是在本地密钥库中找到发布的Root中间CA的问题:

AWS HTTP error: cURL error 60: SSL certificate problem: unable to get 
local issuer certificate

libcurl Error Codes所示,错误60为:

CURLE_SSL_CACERT (60) Peer certificate cannot be authenticated with known CA certificates.

尝试此操作:使用CURL的命令行版本连接到您所指的HTTPS网址:

curl https://www.example.com

您应该看到以下消息:

>curl  https://www.example.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

按照上面和Details on Server SSL Certificates中提供的说明操作。同时运行Qualsys SSL Server Test以帮助分析任何可能的问题。

通过命令行确认并修复后,重新运行代码。它应该正确运行。

相关问题
最新问题