0

I'm having problems with fetching data from URL. When I input URL in browser file normally gets downloaded to my computer, but when I try to access it in my code I get response FALSE, with no errors just bool(false) response. It's function for ICAL sync and 3 or 4 urls are fine but that one is just not getting data. Tried both with file_get_contents and with CURL. Here is CURL function:

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $data = curl_exec($ch);
    curl_close($ch);

Here are some info about server:

PHP Version = 5.6.10-pl0

allow_url_fopen = On

OpenSSL support = enabled

And yeah file is on HTTPS server if that's maybe an issue. Thank you guys in advance.

Community
  • 1
  • 1
Almosthuman
  • 3
  • 1

1 Answers1

1

In this answer local refers to your server, remote to the other one (the one you are trying to access).

From the error message:

SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

it looks like your client and the server implementation cannot agree on a common cipher suite to use. This usually means one implementation is a bit dated.

There is no problem with the remote certificate. This would have yielded a different error message.

Check the remote server

You can use for example SSL Server Test to determine which Protocol versions and ciphers the remote server is using.

Then you can select some of them for curl to use (Source for code):

curl_setopt($curl, CURLOPT_SSL_CIPHER_LIST, 'ECDHE-RSA-AES128-GCM-SHA256,...');

Check the local/your server

You said you are using PHP 5.6.10. This is quite a bit out of date. (It was released on 11 Jun 2015). The current 5.6 version branch is at 5.6.34. If I was you I would consider an upgrade.

From the SSL Server test: The remote server only accepts TLS1.2. So you should also consider upgrading your OpenSSL installation.

Some more links for reference:

rollstuhlfahrer
  • 3,988
  • 9
  • 25
  • 38
  • Thank you man so far. I get this from testing server: https://imgur.com/a/vA2ao . So what Cipher list to use? – Almosthuman Mar 26 '18 at 20:10
  • This only shows the certificate. That is irrelevant in the handshake process – rollstuhlfahrer Mar 26 '18 at 20:13
  • Okay I found section with Cipher and it says: Cipher Suites # TLS 1.2 (suites in server-preferred order) TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 But when I try to setup either of this it gets error: failed setting cipher list. So I guess my server with that version of openssl doesn't support it? – Almosthuman Mar 26 '18 at 20:19
  • Edited the answer to reflect that. If is answers your question, [please accept it](https://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) – rollstuhlfahrer Mar 26 '18 at 20:23
  • Okay thank you @rollstuhlfahrer for everything. Was lost for about 1-2 hours about this one. – Almosthuman Mar 26 '18 at 20:35