maclof/kubernetes-client

undefined method RequestException::getResponse() when SSL certificate verification fails

joekohlsdorf opened this issue · 4 comments

joekohlsdorf commented

Version 0.26.0 throws this error when SSL certificate validation is enabled but fails:

PHP Fatal error:  Uncaught Error: Call to undefined method Http\\Client\\Exception\\RequestException::getResponse() in /var/www/html/vendor/maclof/kubernetes-client/src/Client.php:427
Stack trace:
#0 /var/www/html/vendor/maclof/kubernetes-client/src/Repositories/Repository.php(79): Maclof\\Kubernetes\\Client->sendRequest()
#1 /var/www/html/vendor/maclof/kubernetes-client/src/Repositories/Repository.php(255): Maclof\\Kubernetes\\Repositories\\Repository->sendRequest()
#2 /var/www/html/test.php(65): Maclof\\Kubernetes\\Repositories\\Repository->find()

Older versions throw a more useful error:

PHP Fatal error:  Uncaught Http\\Client\\Socket\\Exception\\SSLConnectionException: Cannot enable tls: stream_socket_enable_crypto(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
patriceckhart commented

@joekohlsdorf
It works for me this way:

use GuzzleHttp\Client as GuzzleHttpClient;
use Maclof\Kubernetes\Client;

public function client(): Client
{
$httpClient = new GuzzleHttpClient([
'verify' => constant('FLOW_PATH_DATA') . 'Secrets/kube/cert/ca.crt',
'cert' => constant('FLOW_PATH_DATA') . 'Secrets/kube/cert/server.crt',
'ssl_key' => constant('FLOW_PATH_DATA') . 'Secrets/kube/cert/server-key.pem',
]);
return new Client([
'master' => 'https://xxx.xxx.xxx.xxx',
], null, $httpClient);
}

  • 👍1
joekohlsdorf commented

I think you misunderstand.
I'm reporting that an error message was changed in a way which is not helpful anymore. Older version showed a message which easily allowed to identify the cause of the problem, newer versions only show Call to undefined method.

piotrek-r commented

This is a bigger problem. The try/catch block at Client.php:427 catches Http\Client\Exception\TransferException exceptions. But they are not guaranteed to have getResponse() method. Only some of their subclasses do.

This block caught Http\Client\Exception\NetworkException, and it doesn't have the method either, and I got the same message.

If it's not fixed soon, I'll try to fix it and make a pull request. If time will allow...

skoop commented

I am running into this same error (using the guzzle6 adapter for httplug). The caught exception (Http\Client\Exception\RequestException) does not have a getResponse() method causing the Call to undefined method Http\Client\Exception\RequestException::getResponse().