Skip to content
This repository has been archived by the owner on Sep 29, 2023. It is now read-only.

SSL peer handshake failed on TLS1.2 #897

Closed
aronzillo opened this issue Jul 22, 2017 · 12 comments
Closed

SSL peer handshake failed on TLS1.2 #897

aronzillo opened this issue Jul 22, 2017 · 12 comments
Labels
question

Comments

@aronzillo
Copy link

General information

  • SDK/Library version: paypal/rest-api-sdk-php v1.11.0, library anouar/paypalpayment v2.0
  • Environment: Sandbox
  • Language, language version, and OS: PHP 7.0.20 on macOS Sierra 10.12.6

Issue description

I am trying to implement PayPal on my site, but when trying to ask for approval of the purchase I get the following error:

PayPalConnectionException {#221 ▼ -url: "https://api.sandbox.paypal.com/v1/oauth2/token" -data: null #message: "SSL peer handshake failed, the server most likely requires a client certificate to connect" #code: 35 #file: "/Users/Aronzillo/Laravel/ecommerce/vendor/paypal/rest-api-sdk-php/lib/PayPal/Core/PayPalHttpConnection.php" #line: 122

What happen here?
@randstraw
Copy link

Can you try with v1.12.0? https://github.com/paypal/PayPal-PHP-SDK/releases
I see a pull request with some TLS changes that might help: #844

@marcoraddatz
Copy link

marcoraddatz commented Jul 26, 2017
edited
Loading

Got the same error with v1.12 and cURL v7.54.1 / OpenSSL v1.0.2l. Found out that it works if you don't set CURLOPT_SSLVERSION => 6, as cURL option.

Doesn't work:
php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/"); curl_setopt($ch, CURLOPT_SSLVERSION, 6); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'

Works:
php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/"); var_dump(curl_exec($ch)); var_dump(curl_error($ch));'

@randstraw
Copy link

@aronzillo does removing the SSL version in the request correct the issue for you?

@davidbehler
Copy link

$apiContext->setConfig( array( 'http.CURLOPT_SSLVERSION' => CURL_SSLVERSION_TLSv1 ) );

Fixed it for me.

@randstraw
Copy link

TLS 1.2 is currently what should be used. I would see if CURL_SSLVERSION_TLSV1_2 works.

@xiaoleih41
Copy link
Contributor

Close this issue due to inactivity.

@cdtweb
Copy link

cdtweb commented Aug 30, 2017

@pp-randy I tried with CURL_SSLVERSION_TLSv1_2 and I got the exact same error. Using CURL_SSLVERSION_TLSv1 works just fine though.

@bionicmaster
Copy link

+1, I have the same error, this is only happening in sandbox

@JasonStainton
Copy link

+1 - Having the same error come back too in sandbox. Working on production.

@rosswintle
Copy link

+1 - Having the same issue here. Actually, I'm getting this response in local dev on my MacBook, but using Sandbox on my staging server is fine. So could be to do with the server environment, not the fact that you're using Sandbox. Using 1.12.0

@tempelmann tempelmann mentioned this issue Sep 29, 2017
Closed
@tempelmann
Copy link

I opened #943 because this one seems not to get noticed any more since it's gotten closed

@xiaoleih41 xiaoleih41 changed the title SSL peer handshake failed SSL peer handshake failed on TLS1.2 Sep 29, 2017
@xiaoleih41
Copy link
Contributor

Please refer to #943 for the answers.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@davidbehler @marcoraddatz @bionicmaster @tempelmann @xiaoleih41 @rosswintle @cdtweb @randstraw @aronzillo @JasonStainton