WebFaction
Community site: login faq

Hi,

Many payment gateways (Stripe, PayPal etc) are now (or soon will be) requiring TLSv1.2 be used for all calls to their servers. TLS support was added to cURL in v7.34.0, (see here) but running curl --version on the server shows:

curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.21 Basic ECC zlib/1.2.7 libidn/1.28 libssh2/1.4.3

What's strange is that if I run curl --tlsv1.2 https://google.com/ then it actually works. So it seems that the installed curl on the server does support curl, and that perhaps just the version number is incorrect?

Also, running curl --tlsv1.2 https://www.howsmyssl.com/a/check from the server gives a Bad rating for ssl

I'm on web508

Thanks

asked 30 Jun, 23:43

pjrobertson's gravatar image

pjrobertson
456
accept rate: 0%

edited 30 Jun, 23:46


Red Hat (and thus CentOS) added support for TLS >1.0 to their curl package in Feb 2014 at v7.29.0-16. Here's what the changelog shows:

* Tue Feb 11 2014 Kamil Dudka <kdudka@redhat.com> 7.29.0-16
- allow to use TLS > 1.0 if built against recent NSS (#1036789)
- use proxy name in error message when proxy is used (#1042831)
- refresh expired cookie in test172 from upstream test-suite (#1063693)

If it's not working for you in your application, the please try explicitly setting TLS 1.2 in your application.

For PHP, I think either of the following should work:

  • curl_setopt($c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2)
  • curl_setopt($c, CURLOPT_SSLVERSION, 6)

Hope that helps!

permanent link

answered 01 Jul, 00:23

seanf's gravatar image

seanf ♦♦
11.6k21333
accept rate: 37%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×80
×67
×13
×4

question asked: 30 Jun, 23:43

question was seen: 107 times

last updated: 01 Jul, 00:23

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2016 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM