WebFaction
Community site: login faq

Hi,

Many payment gateways (Stripe, PayPal etc) are now (or soon will be) requiring TLSv1.2 be used for all calls to their servers. TLS support was added to cURL in v7.34.0, (see here) but running curl --version on the server shows:

curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.21 Basic ECC zlib/1.2.7 libidn/1.28 libssh2/1.4.3

What's strange is that if I run curl --tlsv1.2 https://google.com/ then it actually works. So it seems that the installed curl on the server does support curl, and that perhaps just the version number is incorrect?

Also, running curl --tlsv1.2 https://www.howsmyssl.com/a/check from the server gives a Bad rating for ssl

I'm on web508

Thanks

asked 30 Jun, 23:43

pjrobertson's gravatar image

pjrobertson
456
accept rate: 0%

edited 30 Jun, 23:46


Red Hat (and thus CentOS) added support for TLS >1.0 to their curl package in Feb 2014 at v7.29.0-16. Here's what the changelog shows:

* Tue Feb 11 2014 Kamil Dudka <kdudka@redhat.com> 7.29.0-16
- allow to use TLS > 1.0 if built against recent NSS (#1036789)
- use proxy name in error message when proxy is used (#1042831)
- refresh expired cookie in test172 from upstream test-suite (#1063693)

If it's not working for you in your application, the please try explicitly setting TLS 1.2 in your application.

For PHP, I think either of the following should work:

  • curl_setopt($c, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1_2)
  • curl_setopt($c, CURLOPT_SSLVERSION, 6)

Hope that helps!

permanent link

answered 01 Jul, 00:23

seanf's gravatar image

seanf ♦♦
11.9k21333
accept rate: 37%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×86
×68
×13
×4

question asked: 30 Jun, 23:43

question was seen: 415 times

last updated: 01 Jul, 00:23

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2017 PARAGON INTERNET GROUP LIMITED
WEBFACTION IS A SERVICE OF PARAGON INTERNET GROUP LIMITED
REGISTERED IN ENGLAND AND WALES 7573953 - VAT REGISTRATION NUMBER 182147021
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM