What if your cURL requests cannot connect your Website using SSL, isn’t it frustrating?
Usually, PHP cURL SSL connect error 35 occur due to version mismatch or outdated cURL package.
At Bobcares, we often get requests to fix SSL cURL errors, as a part of our Server Management Services.
Today, let’s see how our Support Engineers fix PHP cURL SSL connect error 35 for our customers.
What is PHP curl SSL connect error 35?
Before getting deeper into the error, firstly let’s understand what is PHP cURL.
cURL stands for Client for URL. Usually, PHP uses cURL to connect to the specified website URL. Here we are discussing cURL request to an SSL website.
In many situations, when a server tries to connect to an SSL website, the cURL request ends up in an error message.
cURL error (35): SSL connect error.
The error message denotes that there is an error somewhere in SSL/TLS handshake. In short, the cURL error code 35 denotes an SSL connection error.
The error can be due to an outdated cURL package, connection errors or else a version mismatch between the PHP cURL and SSL protocol of the end server.
A sample error at a Drupal website will show up as:
How we fix the PHP cURL SSL connect error?
So far, we have seen what is PHP cURL SSL connect error. Our Dedicated Engineers with expertise over a decade usually fix this error for our customers.
As the first step of troubleshooting, we check the webserver log.
It gives a detailed summary of all the SSL/TLS handshakes. From this data, our experts find the exact reason for the timeout.
1. SSL protocol of destination site
In most cases, errors will be with the PHP cURL versions in the server.
For instance, the command-line cURL may be using the latest version and the SSL protocol may be outdated.
Meanwhile, if the server tries to connect to an endpoint with an older SSL protocol, it fails and ends up in cURL error 35. This is particularly applicable with outdated SSL protorcols like SSLv2, SSLv3.
So, we check the versions of the cURL and SSL protocol. Later, if there is any version mismatch, our Support Engineers update it to the latest.
2. Outdated cURL package
Similarly, an outdated cURL package in the servers shows up the SSL connect error. In this case, our Support Engineers check the cURL version in the server.
rpm -qa | grep curl
This command gives the currently used cURL version in the server.
Later, we update the cURL package to the latest version. After that, we update the Network Security Services (NSS) package on the server using:
yum update -y nss
This fixes the package and the error does not show up again.
3. Customizing cURL configuration
Some customers customize the cURL settings on the server. However, improper setting of the PHP cURL configuration file leads to error 35.
In such cases, our Support Team check the configuration file and correct it.
Here, we first confirm the availability of cURL module support for PHP with the command:
php -i | grep -i curl
For example, the correct settings appear as:
/etc/php.d/curl.ini, curl cURL support => enabled cURL Information => 7.66.0
We also ensure that the website uses the correct PHP version with cURL support.
4. Firewall restrictions
In many cases, the cURL SSL error can happen due to firewall restrictions on the server too. For example, when network administrators ban SSL connections, none of the data transactions to or from the server happens.
Thus, we always check the firewall on the server and ensure that the server accepts SSL port connections from selected APIs and networks.
[Still having trouble in fixing PHP cURL SSL connect error? – We’ll fix it for you.]
In short, PHP cURL SSL connect error 35 usually occur due to version mismatch of cURL and SSL, outdated cURL package, firewall restrictions and so on. Today, we also saw how our Support Engineers fix this error for our customers.