发表新帖
发表新帖

Php curl set ssl version

后端 未结
关注
3 1132
野的像风
野的像风 2020-12-10 16:37

Since 3 days I can\'t connect to the paypal sandbox. I found out that they maybe dissabled the support for SSLv3. So i tried to change the SSL Version in my curl Request by

3条回答
  • 一向
    一向 (楼主)
    2020-12-10 17:34

    Had same issue.

    response:

    bool(false)

    and no error logs!

    So I've made small script:

    and here what I've got in logs:

    [12-Feb-2016 15:56:19] PHP Warning:  file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure in /xxx/yyy.php on line 3
[12-Feb-2016 15:56:19] PHP Warning:  file_get_contents(): Failed to enable crypto in /xxx/yyy.php on line 3
[12-Feb-2016 15:56:19] PHP Warning:  file_get_contents(https://api-3t.sandbox.paypal.com/nvp): failed to open stream: operation failed in /xxx/yyy.php on line 3

    My solution was:

    1. Update (1.0+) version of OpenSSL.
    2. Recompile Curl
    3. Recompile PHP with new CURL
    4. Make sure Curl SSL Version is OpenSSL/(1.0+)

    SSL Version OpenSSL/1.0.1e – Good

    SSL Version NSS/3.13.6.0 – Bad

    I am running on CentOS. Here what I did to update:

    1. Update OpenSSL:

      openssl version

    if below 1.0 run: yum update openssl make sure it is actually updated

    1. Reinstall PHP. So save php.ini file

    2. Keep a list of all PHP modules installed via:

      yum list installed | grep php

    save output!

    1. yum erase php
    2. yum erase php-curl
    3. yum install php

    4. yum install php-curl

    5. restart apache or fpm and if you are lucky you'll get things working

    6. restore php.ini configs and PHP modules: yum install php-pgsql; yum install php-gd; etc

    However if your package repositories outdated or you have curl library installed with NSS SSL bindings you can download and compile curl library manually. I've used phpize tool bundled with the php-devel package. So my problem I've had: 

    cURL Information    7.19.7 
SSL Version     NSS/3.13.6.0

    and here is how I've changed it to:

    cURL Information    7.22.0 
SSL Version     OpenSSL/1.0.1e

    1. Update OpenSSL:

      openssl version

    if below 1.0 run: yum update openssl make sure it is actually updated

    1. Reinstall PHP. So save php.ini file

    2. Keep a list of all PHP modules installed via:

      yum list installed | grep php

    save output!

    1. yum erase php
    2. yum erase php-curl
    3. yum install php-devel
    4. print PHP version with rpm -qa --queryformat '%{version}' php and find where you can download exact same PHP sources
    5. Following bash script will install specific curl library:

    #!/bin/bash

PHP_VERSION=$(rpm -qa --queryformat '%{version}' php)

CURL_VERSION=7.22.0

#echo $CURL_VERSION
#exit

#wget --no-check-certificate http://mirror.cogentco.com/pub/php/php-${PHP_VERSION}.tar.gz -O /tmp/php-${PHP_VERSION}.tar.gz
wget --no-check-certificate http://museum.php.net/php5/php-${PHP_VERSION}.tar.gz -O /tmp/php-${PHP_VERSION}.tar.gz
wget --no-check-certificate http://curl.haxx.se/download/curl-${CURL_VERSION}.tar.gz -O /tmp/curl-${CURL_VERSION}.tar.gz

cd /tmp; tar xzf php-${PHP_VERSION}.tar.gz
cd /tmp; tar xzf curl-${CURL_VERSION}.tar.gz

cd curl-${CURL_VERSION}
./configure
make
make install

cd /tmp; rm -rf curl-${CURL_VERSION}*

sleep 2

cd /tmp/php-${PHP_VERSION}/ext/curl/
phpize
./configure
make
make install

cd /tmp; rm -rf php-${PHP_VERSION}*

    1. restart apache or fpm and if you are lucky you'll get things working
    2. restore php.ini configs and PHP modules: yum install php-pgsql; yum install php-gd; etc

    0 讨论(0)
 看不清?
提交回复
热议问题