Keep getting this and other ssl issues on all my centminmod servers, i think i need to update Curl? How would I go about doing this without breaking stuff? [root@ns3009754 ~]# curl --version curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 Centmin Mod 1.2.3-eva2000.08
web app, to be more specific: Code: // Set the curl parameters. $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $API_Endpoint); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1'); // Turn off the server and peer verification (TrustManager Concept). curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1);
without knowing the web app it could be web app specific. For example, for Magento quick google gives me Magento Community Edition 1.9.2 Update failed - Unknown cipher in list: TLSv1 - Stack Overflow extensions - Magento 1.9.2 Unknown cipher in list: TLSv1 - Magento Stack Exchange ce 1.9.2.0 - Solution to Magento Downloader 1.9.2 unknown cipher list - Magento Stack Exchange
GitHub - sanwebe/Paypal-Express-Checkout-Example: PayPal Express checkout example files Not sure if that would break anything lol
Removing it would return: SetExpressCheckout failed: SSL connect error(35) This error occurs due outdated ssl/curl, had same issue before with cloudflare Wordpress - wp-cron SSL connect error with Cloudflare SSL ECDSA | Centmin Mod Community
if that is the case then same solution i posted at Wordpress - wp-cron SSL connect error with Cloudflare SSL ECDSA | Centmin Mod Community applies only 3 solutions switch to cloudflare pro paid ssl so you can get non-ECDSA based SSL or for CentOS 6.x, install custom curl rpms Beta Branch - Centmin Mod curl 7.43+ custom rpms with latest test customcurl-new.sh with yum repo here or CentOS 7.2 curl 7.29 seems to now support ECDSA in curl too
PayPal is not using CloudFlare. Anyway.. For option 2, are there any copy-paste I can just run in command line? And this updates php curl correct? Code: wget -O /usr/local/src/centminmod/addons/customcurl-new.sh https://gist.github.com/centminmod/f46de997956d4ae96790/raw/customcurl-new.sh chmod 0700 /usr/local/src/centminmod/addons/customcurl-new.sh /usr/local/src/centminmod/addons/customcurl-new.sh yum update --enablerepo=city-fan.org --disableplugin=priorities yum list curl libcurl libcurl-devel libcurl7112 libcurl7155 --enablerepo=city-fan.org --disableplugin=priorities
all outlined at Beta Branch - Centmin Mod curl 7.43+ custom rpms | Centmin Mod Community run addons/customcurl-new.sh and then after recompile php via centmin.sh menu option 5. But customcurl-new.sh is the new improved version that after confirmed testing by folks will replace addon/customcurl.sh officially.
Ok, now it returns.. Should I recompile PHP? Code: Installed: perl-IO-Compress.noarch 0:2.069-1.rhel6 perl-Term-ReadKey.x86_64 0:2.33-1.rhel6 Dependency Installed: orc.x86_64 0:0.4.16-6.el6 perl-Clone.x86_64 0:0.38-1.rhel6 perl-Compress-Raw-Bzip2.x86_64 0:2.069-1.rhel6 perl-Module-Runtime.noarch 0:0.014-1.rhel6 python-pyasn1.noarch 0:0.1.9-2.rhel6 python2-rsa.noarch 0:3.3-5.el6 xz-compat-libs.x86_64 0:5.0.3-2.0.cf.el6 xz-devel.x86_64 0:5.0.3-2.0.cf.el6 Updated: GeoIP.x86_64 0:1.6.9-2.0.cf.rhel6 GeoIP-GeoLite-data.noarch 0:2016.03-1.el6 GeoIP-GeoLite-data-extra.noarch 0:2016.03-1.el6 GeoIP-devel.x86_64 0:1.6.9-2.0.cf.rhel6 geoipupdate.x86_64 0:2.2.2-2.el6 htop.x86_64 0:1.0.3-1.el6.rf jpegoptim.x86_64 0:1.4.3-4.el6 libgcrypt.x86_64 0:1.4.6-4.2.cf.rhel6 libgcrypt-devel.x86_64 0:1.4.6-4.2.cf.rhel6 libgpg-error.x86_64 0:1.21-2.0.cf.rhel6 libgpg-error-devel.x86_64 0:1.21-2.0.cf.rhel6 libidn.x86_64 0:1.32-2.0.el6 libidn-devel.x86_64 0:1.32-2.0.el6 libtidy.x86_64 0:0.99.0-34.20091203.0.el6 libtidy-devel.x86_64 0:0.99.0-34.20091203.0.el6 libxml2.x86_64 0:2.9.3-3.0.cf.rhel6 libxml2-devel.x86_64 0:2.9.3-3.0.cf.rhel6 libxslt.x86_64 0:1.1.28-12.0.cf.rhel6 libxslt-devel.x86_64 0:1.1.28-12.0.cf.rhel6 libyaml.x86_64 0:0.1.4-1.el6.rf nload.x86_64 0:0.7.4-1.el6.rf nss-util.x86_64 0:3.19.1-5.el6_7 optipng.x86_64 0:0.6.4-1.el6.rf perl-Carp-Clan.noarch 0:6.04-6.rhel6 perl-Compress-Raw-Zlib.x86_64 1:2.069-1.rhel6 perl-DBI.x86_64 0:1.634-1.rhel6 perl-Error.noarch 1:0.17024-1.rhel6 perl-ExtUtils-ParseXS.noarch 1:3.30-1.rhel6 perl-Module-Pluggable.noarch 2:5.2-1.rhel6 perl-Net-SSLeay.x86_64 0:1.72-2.0.cf.rhel6 perl-Pod-Simple.noarch 1:3.32-1.rhel6 perl-Test-Harness.noarch 0:3.36-1.rhel6 perl-version.x86_64 5:0.99.15-1.rhel6 pure-ftpd.x86_64 0:1.0.36-1.el6.rf python-boto.noarch 0:2.38.0-1.el6 schroedinger.x86_64 0:1.0.10-1.el6.rf xz.x86_64 0:5.0.3-2.0.cf.el6 xz-libs.x86_64 0:5.0.3-2.0.cf.el6 xz-lzma-compat.x86_64 0:5.0.3-2.0.cf.el6 Replaced: perl-Compress-Zlib.x86_64 0:2.021-141.el6_7.1 perl-IO-Compress-Base.x86_64 0:2.021-141.el6_7.1 perl-IO-Compress-Zlib.x86_64 0:2.021-141.el6_7.1 perl-TermReadKey.x86_64 0:2.30-13.el6 Complete!
Code: [root@vps236531 ~]# yum list curl libcurl libcurl-devel libcurl7112 libcurl7155 --enablerepo=city-fan.org --disableplugin=priorities Loaded plugins: fastestmirror, presto, security Loading mirror speeds from cached hostfile * city-fan.org: www.city-fan.org * epel: mirror1.babylon.network * rpmforge: miroir.univ-paris13.fr Installed Packages curl.x86_64 7.47.1-4.0.cf.rhel6 @city-fan.org libcurl.x86_64 7.47.1-4.0.cf.rhel6 @city-fan.org libcurl-devel.x86_64 7.47.1-4.0.cf.rhel6 @city-fan.org libcurl7112.x86_64 7.11.2-25.cf.rhel6 @city-fan.org libcurl7155.x86_64 7.15.5-17.cf.rhel6 @city-fan.org
doesn't look right should return something like Code (Text): Complete! curl 7.47.1 (x86_64-redhat-linux-gnu) libcurl/7.47.1 NSS/3.19.1 Basic ECC zlib/1.2.7 libidn/1.28 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.7.0 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets Metalink PSL recompile PHP via centmin.sh menu option 5 to complete new curl version setup on your system custom curl RPMs installed... you can now use yum update to update curl yum update --enablerepo=city-fan.org --disableplugin=priorities