27

Today a website with PHP 5.5 that was working fine has started to throw this error:

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

I have tried many solutions from different questions but I can't find the error.

MAMP SSL error: "error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure"

Here says to change the CURLOPT_SSL_VERIFYPEER to false, but doesn't work.

I have tried with many sslversions and cipher_list, but doesn't work either.

As I said, this problem wasn't here a few days ago, maybe it's something new related with the version 1.6.4.

Any Idea?

Community
  • 1
  • 1
Noé Andrés
  • 351
  • 1
  • 3
  • 7

4 Answers4

18

If you are pointing to the Sandbox server, recently there were some updates made that would cause that specific error.
Below is the information and link from the PayPal Merchant Technical Support Microsite on the SHA-256 Upgrade:

Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.
Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.

Directly from the PayPal MicroSite: SSL Certificate Upgrade

On January 19-20, 2016 The Sandbox endpoints will be upgraded to new SHA-256, 2048-bit certificates:

api.sandbox.paypal.com
api-3t.sandbox.paypal.com
api-aa.sandbox.paypal.com
api-aa-3t.sandbox.paypal.com
svcs.sandbox.paypal.com
pointofsale.sandbox.paypal.com
ipnpb.sandbox.paypal.com
www.sandbox.paypal.com (for IPN)

Here is the link to the PayPal User Guide with detailed instructions on changing your Certificate to a G5 Root Certificate.

pp_MSI_Jenn
  • 1,589
  • 1
  • 11
  • 15
  • 1
    Check which certificate you have and follow the instructions in [this guide](https://www.paypal-knowledge.com/resources/sites/PAYPAL/content/live/FAQ/1000/FAQ1766/en_US/2015%20Merchant%20Security%20System%20Upgrade%20Guide%20%28U.S.%20English%29.pdf) to change from G2 to G5 Root Certificate. – pp_MSI_Jenn Jan 25 '16 at 18:43
  • 2
    I'm sorry, I still do not get it, like, at all. I had a code running, without any issues, now they talk about certifications and new end points, I do not get what I have to edit to make it work. I rlly do not. $API_Endpoint = "https://api-3t".$paypalmode.".paypal.com/nvp"; I have this line that talks about an end point, $paypalmode contains sandbox or live, that's all I can see abobut it. does it have to be changed? worst part is that it works on localhost but not online. – Dunnow Feb 01 '16 at 14:57
  • If this is true, why am I only experiencing this issue _now_? – That1Guy Feb 15 '16 at 20:44
1

I upgrade my PHP server from 5.4 to 7.0 and error disappear.

Tapa Save
  • 4,769
  • 5
  • 32
  • 54
0

My problem was solved by re-installing PHP 7 on my Mac. It may also be worth checking the version of libcurl that you have is up to date.

NickS
  • 1
  • 1
0

So have already fixed the problem with handshake failure. It was due to php version. As soon as i upgraded to php 5.5 it solved the problem.

Dilip Godhani
  • 2,065
  • 3
  • 18
  • 33