以下是让 Composer 在代理后工作的关键点(适用于 Windows,未在 Linux 上尝试):
1) URL 对您的密码进行编码(用于特殊字符)
您可以使用 PHP 命令行轻松完成此操作,例如:
输入:
php -r "echo urlencode('P*a/$$/w!0%r$d');"
输出:
P%2Aa%2F%24%24%2Fw%210%25r%24d
使用生成的值设置 HTTP_PROXY 和 HTTPS_PROXY 环境变量。
2) 删除 HTTP_PROXY 和 HTTPS_PROXY 环境变量周围的引号
发件人:
SET HTTP_PROXY="http://username:password@hostname:port"
SET HTTPS_PROXY="http://username:password@hostname:port"
收件人:
SET HTTP_PROXY=http://username:password@hostname:port
SET HTTPS_PROXY=http://username:password@hostname:port
Composer WON'T WORK带引号,它使用PHP核心函数“parse_url”来解析变量:
带引号:
php -r "print_r(parse_url('\"http://username:password@proxy:8080\"'));"
Array
(
[path] => "http://username:password@proxy:8080"
)
不带引号:
php -r "print_r(parse_url('http://username:password@proxy:8080'));"
Array
(
[scheme] => http
[host] => proxy
[port] => 8080
[user] => username
[pass] => password
)
3) 确保为 HTTPS 连接正确设置了证书授权文件或路径
Composer 将按以下顺序使用第一个可读文件或路径:
-
环境变量:
SSL_CERT_FILE
SSL_CERT_DIR
-
php.ini:
openssl.cafile
openssl.capath
-
文件:
/etc/pki/tls/certs/ca-bundle.crt
/etc/ssl/certs/ca-certificates.crt
/etc/ssl/ca-bundle.pem
/usr/local/share/certs/ca-root-nss.crt
/usr/ssl/certs/ca-bundle.crt
/opt/local/share/curl/curl-ca-bundle.crt
/usr/local/share/curl/curl-ca-bundle.crt
/usr/share/ssl/certs/ca-bundle.crt
/etc/ssl/cert.pem
/usr/local/etc/ssl/cert.pem
/usr/local/etc/openssl/cert.pem
-
非空文件夹:
/etc/pki/tls/certs/
/etc/ssl/certs/
/etc/ssl/
/usr/local/share/certs/
/usr/ssl/certs/
/opt/local/share/curl/
/usr/local/share/curl/
/usr/share/ssl/certs/
/etc/ssl/
/usr/local/etc/ssl/
/usr/local/etc/openssl/
如果以上都不是有效的,Composer 将使用它的嵌入文件:
composer.phar /vendor/composer/ca-bundle/res/cacert.pem
4) 如果您遇到“证书验证失败”错误
[Composer\Downloader\TransportException]
The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
failed to open stream: Cannot connect to HTTPS server through proxy
这意味着使用的 CA 文件或路径不包含所需的证书。
然后你可以:
-
从 composer.phar 中提取默认文件:
php -r "(new Phar('composer.phar'))->extractTo('/tmp/cacert/', 'vendor/composer/ca-bundle/res/cacert.pem');"
然后将所需的证书(例如您的公司代理证书)添加到文件末尾
-
并在 php.ini 中强制该文件
[openssl]
; The location of a Certificate Authority (CA) file on the local filesystem
; to use when verifying the identity of SSL/TLS peers. Most users should
; not specify a value for this directive as PHP will attempt to use the
; OS-managed cert stores in its absence. If specified, this value may still
; be overridden on a per-stream basis via the "cafile" SSL stream context
; option.
openssl.cafile=/tmp/cacert/vendor/composer/ca-bundle/res/cacert.pem