TLS 1 2 not working in cURL

Question

I am having trouble curling an HTTPS url that uses TLS1 2  in my curl operation I post my login data into the website and save it in cookiefile  The error message I am getting is this    error 14077438 SSL routines SSL23 GET SERVER HELLO tlsv1 alert internal error   I have tried setting VERIFYPEER and VERIFYHOST to 0 but that does not seem to work  any suggestions   Here are the versions I am using    OpenSSL version is 0 9 8b CURL version is  7 24 0 PHP is 5 3    Here is the code    setuplogin   curl init     curl setopt   setuploginurl  CURLOPT URL   url    curl setopt   setuploginurl  CURLOPT SSL VERIFYPEER  1    curl setopt   setuploginurl  CURLOPT SSL VERIFYHOST  1   curl setopt   setuploginurl  CURLOPT FOLLOWLOCATION  TRUE   curl setopt   setuploginurl  CURLOPT SSLVERSION   CURL SSLVERSION TLSv1 2    curl setopt   setuploginurl  CURLOPT POSTFIELDS   username uname amp password pword amp act login amp submit Login    curl setopt   setuploginurl  CURLOPT USERAGENT   Mozilla 5 0  Windows NT 6 1  WOW64  AppleWebKit 537 36  KHTML  like Gecko  Chrome 42 0 2311 135 Safari 537 36     curl setopt  setuploginurl  CURLOPT TIMEOUT  60    curl setopt   setuploginurl  CURLOPT COOKIESESSION  TRUE    curl setopt   setuploginurl  CURLOPT RETURNTRANSFER  1   curl setopt   setuploginurl   CURLOPT HEADER  1   curl setopt   setuploginurl CURLOPT ENCODING  gzip    curl setopt   setuploginurl  CURLOPT POST  true   curl setopt   setuploginurl  CURLOPT COOKIEJAR   cookies txt     curl setopt   setuploginurl  CURLOPT FRESH CONNECT   1     loginp  curl exec  setuploginurl    if   loginp     FALSE        die curl error  setuploginurl       curl close   setuploginurl    var dump   loginp

User · Answer

TLS 1 2 is only supported since OpenSSL 1 0 1  see the Major version releases section   you have to update your OpenSSL   It is not necessary to set the CURLOPT SSLVERSION option  The request involves a handshake which will apply the newest TLS version both server and client support  The server you request is using TLS 1 2  so your php curl will use TLS 1 2  by default  as well if your OpenSSL version is  or newer than  1 0 1

User · Answer

Replace following  curl setopt   setuploginurl  CURLOPT SSLVERSION   CURL SSLVERSION TLSv1 2      With  curl setopt   ch  CURLOPT SSLVERSION  6     Should work flawlessly

User · Answer

I has similar problem in context of Stripe      Error  Stripe no longer supports API requests made with TLS 1 0    Please initiate HTTPS connections with TLS 1 2 or later  You can learn   more about this at https   stripe com blog upgrading-tls    Forcing TLS 1 2 using CURL parameter is temporary solution or even it can t be applied because of lack of room to place an update  By default TLS test function https   gist github com olivierbellone 9f93efe9bd68de33e9b3a3afbd3835cf showed following configuration   SSL version  NSS 3 21 Basic ECC SSL version number  0 OPENSSL VERSION NUMBER  1000105f TLS test  default   TLS 1 0 TLS test  TLS v1   TLS 1 2 TLS test  TLS v1 2   TLS 1 2   I updated libraries using following command      yum update nss curl openssl   and then saw this   SSL version  NSS 3 21 Basic ECC SSL version number  0 OPENSSL VERSION NUMBER  1000105f TLS test  default   TLS 1 2 TLS test  TLS v1   TLS 1 2 TLS test  TLS v1 2   TLS 1 2   Please notice that default TLS version changed to 1 2  That globally solved problem  This will help PayPal users too  https   www paypal com au webapps mpp tls-http-upgrade  update before end of June 2017

User · Answer

You must use an integer value for the CURLOPT SSLVERSION value  not a string as listed above  Try this   curl setopt   setuploginurl  CURLOPT SSLVERSION  6     Integer NOT string TLS v1 2   http   php net manual en function curl-setopt php  value should be an integer for the following values of the option parameter   CURLOPT SSLVERSION     One of     CURL SSLVERSION DEFAULT  0     CURL SSLVERSION TLSv1  1     CURL SSLVERSION SSLv2  2    CURL SSLVERSION SSLv3  3     CURL SSLVERSION TLSv1 0  4    CURL SSLVERSION TLSv1 1  5    CURL SSLVERSION TLSv1 2  6

User · Answer

TLS 1 1 and TLS 1 2 are supported since OpenSSL 1 0 1  Forcing TLS 1 1 and 1 2 are only supported since curl 7 34 0  You should consider an upgrade

[php] TLS 1.2 not working in cURL

Examples related to php

Examples related to ssl

Examples related to openssl

Examples related to php-curl