Opened 9 years ago
Closed 9 years ago
#1172 closed defect (bug) (invalid)
Server with broken CERTS cannot "upgrade network" since 4.2.3
Reported by: | hallcp | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Component: | General | Keywords: | |
Cc: |
Description
I tried to update our WordPress install to 4.2.3. The update itself seemed to go OK, but when I tried to upgrade the individual sites I get this error:
Warning! Problem updating http://swwdev2.unx.sas.com/blogs/wp.dev/globaltags. Your server may not be able to connect to sites running on it. Error message: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:func(144):reason(134)
It says Warning, but it halts the process. Nothing is written to the debug log. We know our server's SSL certificates are bad, but this hasn't been a show-stopper before. The Unix sysadmin says he can't fix our certificates without upgrading to a new version of Linux, so this is a real roadblock. In the past things like plugin updates have warned about the certificate, then tried a non-SSL connection and kept trucking.
Change History (2)
#2
@
9 years ago
- Resolution set to invalid
- Status changed from new to closed
Rouven is correct, but it's even better to use filters rather than hacking core file:
add_filter( 'https_ssl_verify', '__return_false' ); add_filter( 'https_local_ssl_verify', '__return_false' );
Don't leave that on permanently, though, just when you're running the network upgrade. Otherwise you'd open the server up to impersonation attacks, etc.
This seems like a WordPress Core issue and should be reported there (https://core.trac.wordpress.org/newticket) instead of the Meta Trac (which is for the WordPress Sites, such as wordpress.org, wordcamp.org, etc. directly).
But I think if you add
'sslverify' => false
to the args in the line$response = wp_remote_get( $upgrade_url, array( 'timeout' => 120, 'httpversion' => '1.1' ) );
(that's in line number 69 for me)like this
$response = wp_remote_get( $upgrade_url, array( 'timeout' => 120, 'httpversion' => '1.1', 'sslverify' => false ) );
in
wp-admin/network/upgrade.php
that should work. (It would disable the verification of the SSL Certs)@Meta Trac maintainers: Not sure if I should set it to invalid, so I'm just leaving it as is.