Issues with composer.phar with nss and api.github.com

Question

I am attempting to use composer.phar on a server with RHEL6.

Installation details: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2 PHP 5.4.16 Zend Engine v2.4.0, Copyright (c) 1998-2013 Zend Technologies

My composer.json looks like this:

{
    "name" : "zendframework/skeleton-application",
    "description" : "Skeleton Application for ZF2",
    "keywords" : [
        "framework",
        "zf2"
    ],
    "homepage" : "https://something.com/",
    "require" : {
        "php" : ">=5.3.3",
        "zendframework/zendframework" : "2.*"
    }
}

Running php composer.phar update results in:

Loading composer repositories with package information
Updating dependencies (including require-dev)
  - Installing zendframework/zendframework (2.2.5)
    Downloading: 100%
    Downloading: 100%
    Downloading: 100%



  [Composer\Downloader\TransportException]
  The "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202" file could not be downloaded: SSL: Connection reset by peer
  Failed to enable crypto
  failed to open stream: operation failed

Next step was to attempt curl:

$ curl -vvv "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202"
* About to connect() to api.github.com port 443 (#0)
*   Trying 192.30.252.139... connected
* Connected to api.github.com (192.30.252.139) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error

Forcing SSLV3 works:

curl -3 -vvv "https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202"
* About to connect() to api.github.com port 443 (#0)
*   Trying 192.30.252.138... connected
* Connected to api.github.com (192.30.252.138) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
*       subject: CN=*.github.com,O="GitHub, Inc.",L=San Francisco,ST=California,C=US
*       start date: Apr 30 00:00:00 2012 GMT
*       expire date: Jul 09 12:00:00 2014 GMT
*       common name: *.github.com
*       issuer: CN=DigiCert High Assurance CA-3,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202 HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.3.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: api.github.com

Has anyone encountered this issue with composer.phar, and overcome it (and will share his/her solution :-) )? I know composer uses PHP's file_get_contents().

Answer 1

Not the best solution, but for the sake of time, I worked around the problem. I took the URL from the error output:

https://api.github.com/repos/zendframework/zf2/zipball/4a7cf6a4cf791244e14aa0ca49d1f06916b63202

I plugged it into a browser on my Windows-based workstation. On the RHEL6 box, in the home directory of the user that is using composer, there is a .composer directory. I placed the downloaded zip file in this directory:

/home/composeruser/.composer/cache/files/zendframework/zendframework

I then had to rename the zip file to what was called for in the url (adding the zip extension):

/home/composeruser/.composer/cache/files/zendframework/zendframework/4a7cf6a4cf791244e14aa0ca49d1f06916b63202.zip

The next time composer was run, it used the cached file, and moved on. If anyone comes up with a way to avoid pre-caching the files on a RHEL6 box with NSS, let me know.