2

My Current PHP version is 5.3. Recently I have updated it 5.2 to 5.3

I have searched in google I can't find any solution regarding the PayPal IPN validation.

I saw my phpinfo() there are enabled OPenSSL but still I am getting this error message - 

Warning: fsockopen() [function.fsockopen]: SSL operation failed with code 1. OpenSSL Error messages: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure in /home/xxx/public_html/paypal_test/socketopen.php on line 5

Warning: fsockopen() [function.fsockopen]: Failed to enable crypto in /home/xxx/public_html/paypal_test/socketopen.php on line 5

Warning: fsockopen() [function.fsockopen]: unable to connect to ssl://www.sandbox.paypal.com:443 (Unknown error) in /home/xxx/public_html/paypal_test/socketopen.php on line 5
()

My Code is - 

<?php
$fp = fsockopen ( 'ssl://www.sandbox.paypal.com', "443", $err_num, $err_str, 60);
if (!$fp) {
    echo "$errstr ($errno)<br />\n";
} else {
    $out = "GET / HTTP/1.1\r\n";
    $out .= "Host: www.sandbox.paypal.com\r\n";
    $out .= "Connection: Close\r\n\r\n";
    fwrite($fp, $out);
    while (!feof($fp)) {
        echo fgets($fp, 128);
        echo "<br>";
    }
    fclose($fp);
}
?>

I have used same code in different server this code is working fine. But this is not working in my own server. Please check below two screenshot-

Actual Output - enter image description here

My output - enter image description here

I read php-paypal-error: 14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure But not getting any exact solution for that. Please check and let me know.

Thank you.

Community
  • 1
  • 1
Chinmay235
  • 3,236
  • 8
  • 62
  • 93

1 Answers1

5

According to SSLLabs this server only supports TLS 1.2, i.e. no TLS 1.1, TLS 1.0 or SSL 3.0.

My Current PHP version is 5.3. Recently I have updated it 5.2 to 5.3

Given that you are using a fairly old version of PHP chances are high that you are also using an older version of OpenSSL. The necessary support for TLS 1.2 was only added with OpenSSL version 1.0.1. To find out which version you are using you might use 

 php -r 'printf("0x%x\n", OPENSSL_VERSION_NUMBER);'

This should return at least 0x10001000 (i.e. version 1.0.1). Anything below has no support for TLS 1.2.

Steffen Ullrich
  • 114,247
  • 10
  • 131
  • 172
  • Here is details of my openssl version - `OpenSSL Library Version OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008` and `OpenSSL Header Version OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008` – Chinmay235 Jan 27 '16 at 09:14
  • `printf("0x%x\n", OPENSSL_VERSION_NUMBER);` I got `0x90802f ` – Chinmay235 Jan 27 '16 at 09:16
  • @Chinu: as I expected, you are using a very old version of OpenSSL which has no support for TLS 1.2. You need to use at least version 1.0.1 instead of the old version 0.9.8 you use currently. – Steffen Ullrich Jan 27 '16 at 10:04