我们最近将我们的Web应用程序移动到新服务器,并且通过PHP的curl请求已停止为HTTPS地址工作(HTTP仍然可以正常工作)。
旧服务器运行openSUSE 12.3,新服务器运行Ubuntu 16.04。
我已尝试curl_setopt( $ch, CURLOPT_SSLVERSION, 1 );
强制TLS,如此处对类似问题的回答所建议,但没有区别。
这更令人困惑,因为在命令行使用curl对同一位置的HTTPS请求与我期望的完全一样。
我在PHP curl调用中打开了详细输出,看看这是否对我有帮助并得到以下输出:
* Trying xxx.xxx.xxx.xxx...
* Connected to www.somesite.com (xxx.xxx.xxx.xxx) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* Unknown SSL protocol error in connection to www.somesite.com:443
* Closing connection 0
但是当我在命令行运行命令(使用curl -d "My=post&data=here" -X POST https://www.somesite.com/... -v
之类的东西)时,我得到:
* Trying xxx.xxx.xxx.xxx...
* Connected to www.somesite.com (xxx.xxx.xxx.xxx) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 696 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.0 / RSA_3DES_EDE_CBC_SHA1
* server certificate verification OK
* server certificate status verification SKIPPED
* common name: *.somesite.com (matched)
* server certificate expiration date OK
* server certificate activation date OK
* certificate public key: RSA
* certificate version: #3
* subject: C=****,ST=****,L=****,O=****,OU=****,CN=*.somesite.com
* start date: Fri, 27 Jan 2017 00:00:00 GMT
* expire date: Wed, 26 Feb 2020 23:59:59 GMT
* issuer: C=US,O=thawte\, Inc.,CN=thawte SSL CA - G2
* compression: NULL
* ALPN, server did not agree to a protocol
...Response here...
有没有人对如何解决这个问题有任何建议,或者我可以做些什么来缩小问题的原因?
更新:
以下是我用来尝试查找问题原因的PHP代码:
$postvars="My=post&data=here";
$curl=curl_init(
"https://www.somesite.com/..."
);
curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_STDERR, fopen('/tmp/sslerror', 'w'));
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_POSTFIELDS, $postvars);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type: application/x-www-form-urlencoded'));
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
$result=curl_exec($curl);
echo curl_error($curl);
curl_close($curl);
echo var_export($result, true);