How to force PHP to only connect to TLSv1.2 site

Question

How to force PHP to only connect to TLSv1.2 site

I am trying to connect using curl in PHP to Pronto Cycle Share (using PHP 5.6.2). This site works in a browser and from the command line.

According to SSL Labs , it only accepts TLS 1.2.

In PHP, using CURL (version 7.28.1), PHP cannot agree and gives me Curl error: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure

Using file_get_contents, the code:

$ctx = stream_context_create([
'ssl' => [
    'crypto_method' => STREAM_CRYPTO_METHOD_TLS_CLIENT
  ],
]);
$html = file_get_contents($url, false, $ctx);

Return:

Message:  file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

print_r(OPENSSL_VERSION_TEXT)

says OpenSSL 0.9.8r on Feb 8, 2011, so pretty old. I am using MAMP PRO on Mac.

Is there a way to connect to this server using simple PHP methods?

+3

php curl ssl

MattC 03 nov. 14 at 20:50

source to share

1 answer

Sammitch · Answer 1 · 2014-11-03T21:08:24+0000

Your cURL version does not support TLS 1.2, you need to update.

CURL_SSLVERSION_TLSv1_0 (4), CURL_SSLVERSION_TLSv1_1 (5) or CURL_SSLVERSION_TLSv1_2 (6) only work for PHP versions using curl 7.34 or newer.

Source

How to force PHP to only connect to TLSv1.2 site

More articles: