Error on Admin login - Magento 2.1

Question

I have installed Magento 2.1 with PHP 7.0.11 on a nginx/PHP-FPM web server. When I go to my Magento Admin URL and login with my credentials, I receive an error -

" Warning: is_dir(): open_basedir restriction in effect. File(/etc/pki/tls/certs) is not within the allowed path"

This appears to be an issue with Magento 2.1, as I have not come across this on my Magento 2.0 installations with the same server setup.

In order to fix the issue, I added "/etc/pki/tls/certs" to my open_basedir settings.

My questions are:

Is this open_basedir error truly the problem, or is it being caused by something else?
Is adding "/etc/pki/tls/certs" to my open_basedir settings a security risk? It seems like an odd thing to add to open_basedir.

probably too late but I have figured it out :) – iphigenie Nov 04 '16 at 15:57 — iphigenie, Nov 04 '16 at 15:57

iphigenie · Answer 1 · 2016-11-07T10:48:24.630

I just wasted a day on this and eventually figured out that NO, the certs are not the problem. Composer is the problem.

/home/alpinewi/m2.alpinewines.co.uk/magento2/vendor/composer/composer/src/Composer/Util/RemoteFilesystem.php(801): Composer\Util\RemoteFilesystem->getSystemCaRootBundlePath()

I eventually went digging on the bug tracker of Magento 2 and found something! This is all caused by composer and the version of composer that 2.1.2 is tracking along, which is an alpha

Edit you composer.json file

find the line

"composer/composer": "@alpha"

change to

"composer/composer": "1.1.2 as 1.0.0-beta1"

now run

composer update

and you should see

Updating dependencies (including require-dev)
- Installing composer/ca-bundle (1.0.6)
Downloading: 100%
- Removing composer/composer (1.0.0-beta1)
- Installing composer/composer (1.1.2)
Downloading: 100%

The ca-bundle is what fixes the error, I think. it was totally missing in the more recent alpha version

see https://github.com/magento/magento2/issues/4359

obviously it is a little late for the original poster, but hopefully it can help the next person to encounter this — iphigenie, Nov 07 '16 at 10:18
If you are coming to this now in 2017, there's probably a newer version number you can use than 1.1.2 — iphigenie, Jul 01 '17 at 09:36

score 8 · Answer 2 · edited Aug 01 '17 at 12:32

8

Put disable-tls:true in composer.json file, as in following :

"config": {
"use-include-path": true 
"disable-tls": true
},

this is because of ssl

Source.

edited Aug 01 '17 at 12:32

PЯINCƎ

11,669
3
25
80

answered May 01 '17 at 07:51

Alam Zaib

199
1
11

That will install Magento w/o TLS. You will loose transport security. This does not only affect the installation via composer but can also the Magento application itself. – hakre Jul 02 '17 at 15:10
Thanx Alam its save me lot of time – Praveen Chelumalla Dec 14 '23 at 03:16

score 0 · Answer 3 · answered Feb 28 '19 at 09:58

0

Very late response, but this can be fixed by changing your server settings. In Plesk, if you go to PHP Settings just change open_basedir to "none".

answered Feb 28 '19 at 09:58

Natalie

101
2

Error on Admin login - Magento 2.1

3 Answers3

Linked