PHP, curl and SSL23_GET_SERVER_HELLO
Using the following curl block I was getting an unexpected response from the server.
1 2 3 4 5 6 7 | $ch = curl_init($post_url); curl_setopt( $ch, CURLOPT_POST, 1 ); curl_setopt( $ch, CURLOPT_POSTFIELDS, "orderXML=".$xmlRequest ); curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ); curl_setopt( $ch, CURLOPT_TIMEOUT, 3000 ); curl_setopt( $ch, CURLOPT_VERBOSE, 1 ); $xmlResponse = curl_exec( $ch ); |
Pretty simple call. It’s attempting to communicate with an url over https which is where the problem lies. Here is the response I was receiving.
1 2 | Curl error number: 35 Curl error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure |
Simple call. Confusing problem. Simple solution. Add the following line before the curl_exec.
1 | curl_setopt($ch, CURLOPT_SSLVERSION, 1); |
Checking the documentation, it says this: CURLOPT_SSLVERSION
– The SSL version (2 or 3) to use. By default PHP will try to determine this itself, although in some cases this must be set manually.
I tried setting the value to 2 but it didn’t work.
1 2 | Curl error number: 4 Curl error: OpenSSL was built without SSLv2 support |
And setting it to 3 didn’t either.
1 2 | Curl error number: 35 Curl error: error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number |
I wish I could tell you why setting it to 1 worked for me, but I don’t understand it. It just works for me where the documented values do not.