cURL SSLv3 calls failing

If you try and connect over HTTPS/SSL with cURL you may get an error similar to:

sslv3 alert handshake failure

Or:

Unknown SSL protocol error in connection

If you cannot see a descriptive error message, use –verbose to report everything.

The cause of this often that hosts have disabled SSLv3 because it has now been compromised. The solution is to use TLS, which is a newer more secure protocol.

curl --tlsv1 --verbose hostname

If you are using cURL in PHP you can change the SSL version to use TLSv1.2.

CURLOPT_SSLVERSION => 6

You should then be able to make the cURL request over SSL successfully.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.