Join the community today
Register Now

Unknown cipher in list: TLSv1(59)

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by Oxide, Mar 15, 2016.

  1. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    Keep getting this and other ssl issues on all my centminmod servers, i think i need to update Curl? How would I go about doing this without breaking stuff?

    [root@ns3009754 ~]# curl --version
    curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2


    Centmin Mod 1.2.3-eva2000.08
     
  2. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    where is 'Unknown cipher in list: TLSv1(59)' showing up ? what web app ? in browser ?
     
  3. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    web app, to be more specific:
    Code:
                    // Set the curl parameters.
                    $ch = curl_init();
                    curl_setopt($ch, CURLOPT_URL, $API_Endpoint);
                    curl_setopt($ch, CURLOPT_VERBOSE, 1);
                    curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
                   
                    // Turn off the server and peer verification (TrustManager Concept).
                    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
               
                    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
                    curl_setopt($ch, CURLOPT_POST, 1);
     
  4. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    without knowing the web app it could be web app specific. For example, for Magento quick google gives me
     
    Last edited: Mar 15, 2016
  5. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
  6. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
  7. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
  8. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
  9. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
  10. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    PayPal is not using CloudFlare.

    Anyway.. For option 2, are there any copy-paste I can just run in command line? And this updates php curl correct?


    Code:
    wget -O /usr/local/src/centminmod/addons/customcurl-new.sh https://gist.github.com/centminmod/f46de997956d4ae96790/raw/customcurl-new.sh
    chmod 0700 /usr/local/src/centminmod/addons/customcurl-new.sh
    /usr/local/src/centminmod/addons/customcurl-new.sh
    yum update --enablerepo=city-fan.org --disableplugin=priorities
    yum list curl libcurl libcurl-devel libcurl7112 libcurl7155 --enablerepo=city-fan.org --disableplugin=priorities
    
     
  11. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    all outlined at Beta Branch - Centmin Mod curl 7.43+ custom rpms | Centmin Mod Community run addons/customcurl-new.sh and then after recompile php via centmin.sh menu option 5. But customcurl-new.sh is the new improved version that after confirmed testing by folks will replace addon/customcurl.sh officially.
     
  12. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    Ok, now it returns.. Should I recompile PHP?

    Code:
    Installed:
      perl-IO-Compress.noarch 0:2.069-1.rhel6                                                                perl-Term-ReadKey.x86_64 0:2.33-1.rhel6
    
    Dependency Installed:
      orc.x86_64 0:0.4.16-6.el6       perl-Clone.x86_64 0:0.38-1.rhel6          perl-Compress-Raw-Bzip2.x86_64 0:2.069-1.rhel6  perl-Module-Runtime.noarch 0:0.014-1.rhel6  python-pyasn1.noarch 0:0.1.9-2.rhel6
      python2-rsa.noarch 0:3.3-5.el6  xz-compat-libs.x86_64 0:5.0.3-2.0.cf.el6  xz-devel.x86_64 0:5.0.3-2.0.cf.el6
    
    Updated:
      GeoIP.x86_64 0:1.6.9-2.0.cf.rhel6                   GeoIP-GeoLite-data.noarch 0:2016.03-1.el6        GeoIP-GeoLite-data-extra.noarch 0:2016.03-1.el6       GeoIP-devel.x86_64 0:1.6.9-2.0.cf.rhel6
      geoipupdate.x86_64 0:2.2.2-2.el6                    htop.x86_64 0:1.0.3-1.el6.rf                     jpegoptim.x86_64 0:1.4.3-4.el6                        libgcrypt.x86_64 0:1.4.6-4.2.cf.rhel6
      libgcrypt-devel.x86_64 0:1.4.6-4.2.cf.rhel6         libgpg-error.x86_64 0:1.21-2.0.cf.rhel6          libgpg-error-devel.x86_64 0:1.21-2.0.cf.rhel6         libidn.x86_64 0:1.32-2.0.el6
      libidn-devel.x86_64 0:1.32-2.0.el6                  libtidy.x86_64 0:0.99.0-34.20091203.0.el6        libtidy-devel.x86_64 0:0.99.0-34.20091203.0.el6       libxml2.x86_64 0:2.9.3-3.0.cf.rhel6
      libxml2-devel.x86_64 0:2.9.3-3.0.cf.rhel6           libxslt.x86_64 0:1.1.28-12.0.cf.rhel6            libxslt-devel.x86_64 0:1.1.28-12.0.cf.rhel6           libyaml.x86_64 0:0.1.4-1.el6.rf
      nload.x86_64 0:0.7.4-1.el6.rf                       nss-util.x86_64 0:3.19.1-5.el6_7                 optipng.x86_64 0:0.6.4-1.el6.rf                       perl-Carp-Clan.noarch 0:6.04-6.rhel6
      perl-Compress-Raw-Zlib.x86_64 1:2.069-1.rhel6       perl-DBI.x86_64 0:1.634-1.rhel6                  perl-Error.noarch 1:0.17024-1.rhel6                   perl-ExtUtils-ParseXS.noarch 1:3.30-1.rhel6
      perl-Module-Pluggable.noarch 2:5.2-1.rhel6          perl-Net-SSLeay.x86_64 0:1.72-2.0.cf.rhel6       perl-Pod-Simple.noarch 1:3.32-1.rhel6                 perl-Test-Harness.noarch 0:3.36-1.rhel6
      perl-version.x86_64 5:0.99.15-1.rhel6               pure-ftpd.x86_64 0:1.0.36-1.el6.rf               python-boto.noarch 0:2.38.0-1.el6                     schroedinger.x86_64 0:1.0.10-1.el6.rf
      xz.x86_64 0:5.0.3-2.0.cf.el6                        xz-libs.x86_64 0:5.0.3-2.0.cf.el6                xz-lzma-compat.x86_64 0:5.0.3-2.0.cf.el6
    
    Replaced:
      perl-Compress-Zlib.x86_64 0:2.021-141.el6_7.1       perl-IO-Compress-Base.x86_64 0:2.021-141.el6_7.1       perl-IO-Compress-Zlib.x86_64 0:2.021-141.el6_7.1       perl-TermReadKey.x86_64 0:2.30-13.el6
    
    Complete!
     
  13. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    Code:
    [root@vps236531 ~]# yum list curl libcurl libcurl-devel libcurl7112 libcurl7155 --enablerepo=city-fan.org --disableplugin=priorities
    Loaded plugins: fastestmirror, presto, security
    Loading mirror speeds from cached hostfile
    * city-fan.org: www.city-fan.org
    * epel: mirror1.babylon.network
    * rpmforge: miroir.univ-paris13.fr
    Installed Packages
    curl.x86_64                                                                                      7.47.1-4.0.cf.rhel6                                                                              @city-fan.org
    libcurl.x86_64                                                                                   7.47.1-4.0.cf.rhel6                                                                              @city-fan.org
    libcurl-devel.x86_64                                                                             7.47.1-4.0.cf.rhel6                                                                              @city-fan.org
    libcurl7112.x86_64                                                                               7.11.2-25.cf.rhel6                                                                               @city-fan.org
    libcurl7155.x86_64                                                                               7.15.5-17.cf.rhel6                                                                               @city-fan.org
    
     
  14. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    doesn't look right should return something like
    Code (Text):
    Complete!
    
    curl 7.47.1 (x86_64-redhat-linux-gnu) libcurl/7.47.1 NSS/3.19.1 Basic ECC zlib/1.2.7 libidn/1.28 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.7.0
    Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
    Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets Metalink PSL
    
    recompile PHP via centmin.sh menu option 5 to
    complete new curl version setup on your system
    
    custom curl RPMs installed...
    you can now use yum update to update curl
    
    yum update --enablerepo=city-fan.org --disableplugin=priorities
    
     
  15. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    But that looks right and is installed, so recompile php via centmin.sh menu option 5
     
  16. Oxide

    Oxide Active Member

    502
    29
    28
    Mar 19, 2015
    Ratings:
    +54
    Local Time:
    2:56 AM
    worked, thanks !:)
     
    • Informative Informative x 1
  17. eva2000

    eva2000 Administrator Staff Member

    28,976
    6,579
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,765
    Local Time:
    2:56 AM
    Nginx 1.13.x
    MariaDB 5.5
    excellent :D