Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EBSCO KB: ‘No results found’ #567

Open
haozeng0 opened this issue Mar 21, 2019 · 9 comments
Open

EBSCO KB: ‘No results found’ #567

haozeng0 opened this issue Mar 21, 2019 · 9 comments

Comments

@haozeng0
Copy link

I double checked with EBSCO that the API key they provided is valid. But I still get this error:

[Thu Mar 21 16:25:19.486256 2019] [:error] [pid 5268:tid 1076] [client 24.0.158.46:53909] PHP Warning: array_map(): Argument #2 should be an array in C:\Apache24\htdocs\coral\resources\admin\classes\domain\EbscoKbService.php on line 307, referer: https://archives.yu.edu/coral/resources/ebsco_kb.php
@vinny75
Copy link
Contributor

vinny75 commented Mar 22, 2019

I'm having the exact same issue.

My initial diagnosis led me to "Peer's certificate issuer has been marked as not trusted by the user." error returned from the call to curl

coral/resources/admin/classes/domain/EbscoKbService.php

Line 283 in 528fa17

$response = curl_exec($ch);
.

I turned off SSL verification using the following two lines:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSL_VERIFYSTATUS. false);

But now I'm stuck at a "/php/urlblock.php?" on Amazon CloudFront. I've tried setting curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); but that hasn't solved the problem either.

@vinny75
Copy link
Contributor

vinny75 commented Mar 22, 2019
edited
Loading

Here is the code I am using in EbscoKbService to track down the errors

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,$url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        'Accept: application/json',
        'x-api-key: '.$this->config->settings->ebscoKbApiKey,
    ]);

curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSL_VERIFYSTATUS. false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    
$response = curl_exec($ch);
   
var_dump(curl_error($ch)); echo "<br><br>";
var_dump( curl_getinfo($ch)); echo "<br><br>";

curl_close($ch);

@veggiematts
Copy link
Contributor

I can confirm I have the same error on my instance, where EbscoKB used to work.
With SSL verification disabled, I still get an error: "{"Message":"User is not authorized to access this resource with an explicit deny"}".
I don't know if that means that my EBSCO KB credentials are no longer valid.
Anyway, I don't think disabling SSL verification is a good idea.
@queryluke any opinion on this ?

@veggiematts
Copy link
Contributor

Okay, so my key was somehow no longer valid indeed.

With a valid key, I get results by disabling SSL verification, but I also get results with SSL verification enabled.

@haozeng0 @vinny75 Which version of PHP-Curl are you using ?
Mine is 7.47.0

@queryluke
Copy link
Contributor

@vinny75 @haozeng0 @veggiematts

I created a new VM with a fresh install of Coral from the master branch (Centos 7 server, php 5.6.40) and am not having issues. This leads me to believe that this is a server issue and not a code issue. Let me know if you want me to try with a later php version. Or, if you want to do some local troubleshooting yourself, you can use my coral-erm vagrantbox

At Sirsi we were having similar trouble getting the SOAP client to work for SUSHI. Here is somewhat of a brain-dump on how we troubleshot the issue.

Eliminate EBSCOkb variable

Create a php file somewhere on your server. And test if you can get a curl response or file_get_contents() response from a different server. For example:

// file_get_contents()
var_dump(file_get_contents('https://www.google.com'));

// curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.google.com');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);
var_dump($response);

For file_get_contents, I was getting the following error:

Warning: file_get_contents(): SSL: Handshake timed out in /software/coral/soap.php on line 26
Warning: file_get_contents(): Failed to enable crypto in /software/coral/soap.php on line 26

Update OpenSSL

We tried this before doing anything else. It didn't fix the issue, but I'm letting you know because I cannot say if the below will work without updating OpenSSL. On our the Sirsi servers (where ebscoKB is working), we have OpenSSL 1.1.0h installed.

Set default_socket_timeout

After more testing, we found that the file_get_contents() error was caused by our default_socket_timeout in php.ini was set to -1. We changed this value to 60. At this point, file_get_contents was working and I started getting a different SOAPClient error.

Set openssl.capath

I found this article about CA file issues. Which lead me to discover that in our php.ini file we did not have the openssl.capath set. We made the following change in php.ini:

From;openssl.cafile=
Toopenssl.cafile="/etc/pki/tls/certs/ca-bundle.crt"

Note that the path we used is the standard location (based on what the article says). But your server might be different. Also, where your php.ini file is located typically varies widely from server to server so I can't speak to its location either.

@vinny75
Copy link
Contributor

vinny75 commented Apr 4, 2019

Okay, so my key was somehow no longer valid indeed.

With a valid key, I get results by disabling SSL verification, but I also get results with SSL verification enabled.

@haozeng0 @vinny75 Which version of PHP-Curl are you using ?
Mine is 7.47.0

7.29.0

@vinny75
Copy link
Contributor

vinny75 commented Apr 4, 2019

@vinny75 @haozeng0 @veggiematts

I created a new VM with a fresh install of Coral from the master branch (Centos 7 server, php 5.6.40) and am not having issues. This leads me to believe that this is a server issue and not a code issue. Let me know if you want me to try with a later php version. Or, if you want to do some local troubleshooting yourself, you can use my coral-erm vagrantbox

I think you're right - I'm getting the same peer certificate error now when trying yum. I'll have to see if my IT shop has made any changes to my VM without telling me

@haozeng0
Copy link
Author

haozeng0 commented Apr 4, 2019

@veggiematts

Okay, so my key was somehow no longer valid indeed.

With a valid key, I get results by disabling SSL verification, but I also get results with SSL verification enabled.

@haozeng0 @vinny75 Which version of PHP-Curl are you using ?
Mine is 7.47.0

@veggiematts,
my php: 5.6.40
PHP-Curl: 7.59.0

I tried disabled SSL, still the same error.

@haozeng0
Copy link
Author

Troubleshooting with Bill Mckinney from EBSCO this morning.

Add
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch, CURLOPT_SSL_VERIFYSTATUS. false);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
to EbscoKBService.php line 282 and fixed the Windows Server - EBSCO KB: ‘No results found’ issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@vinny75 @veggiematts @haozeng0 @queryluke