问题
I'm trying to implement adaptive payments with SetPaymentOptions. I'm getting the following error:
SDK Exception Type PPConnectionException
Message Unknown cipher in list: TLSv1
Detailed message Error connecting to https://svcs.paypal.com/AdaptivePayments/SetPaymentOptions
I dont know what this means. Any idea on how to get this working? I have this for part of my code in the PPHttpconfig:
public static $DEFAULT_CURL_OPTS = array(
CURLOPT_SSLVERSION => 1,
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_TIMEOUT => 60, // maximum number of seconds to allow cURL functions to execute
CURLOPT_USERAGENT => 'PayPal-PHP-SDK',
CURLOPT_HTTPHEADER => array(),
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => 1,
CURLOPT_SSL_CIPHER_LIST => 'TLSv1',
);
回答1:
Seems if you are using NSS instead of OpenSSL, Having Cipher List is causing the issue, as TLSv1 is not in the NSS.
If you are having that error, you might want to run
php -r "print_r(curl_version());"
If the output has
[ssl_version] => NSS/...
It means, you have NSS. Then you can just remove the CURLOPT_SSL_CIPHER_LIST from the array
public static $DEFAULT_CURL_OPTS = array(
CURLOPT_SSLVERSION => 1,
CURLOPT_CONNECTTIMEOUT => 10,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_TIMEOUT => 60, // maximum number of seconds to allow cURL functions to execute
CURLOPT_USERAGENT => 'PayPal-PHP-SDK',
CURLOPT_HTTPHEADER => array(),
CURLOPT_SSL_VERIFYHOST => 2,
CURLOPT_SSL_VERIFYPEER => 1,
);
EDIT: The release was made with the fix at : https://github.com/paypal/sdk-core-php/releases/tag/v2.5.8
回答2:
CURLOPT_SSL_CIPHER_LIST => 'TLSv1',
There are not TLSv1 ciphers. TLS 1.0 and TLS 1.1 use SSL 3.0 ciphers. TLS 1.2 adds some new ciphers but still supports the SSL 3.0 ciphers. If you want to make your code safe against POODLE you need to care about the SSL protocol version only, not the ciphers.
来源:https://stackoverflow.com/questions/26882530/paypal-sdk-adaptive-payments-unknown-cipher-in-list-tlsv1