0

I know there is some similar topic, but not the same. I have a working code, tested with a lot of different url - http and https as well - without any problem. Then, I found a website ... when I asking the URL header, I got empty array answer.

get_headers("https://www.diversalertnetwork.org/diving-incidents/Divers-air-consumption-appeared-unbelievably-good", 1);

And the result is an EMPTY array.

Array
(
)

I am also try with CURL but same result. I try to download the url's content but nothing. You can try it. Surprise! If I modify to http:// from https://, it will start working. Of course, the https link working very well in a browser. Also, the get_headers working with other https:// links. With curl I using my own browser's useragent, so that is a real if the server try to detect for any security reason. I really do not know what can I do, and most important, what happening, why there is no any answer, not an error or whatever.

php 5.6

Bunny.hu
  • 3
  • 3
  • Browser warning about that site's HTTPS connection: _"The connection to this site uses an obsolete protocol (TLS 1.0), an obsolete key exchange (RSA), and an obsolete cipher (3DES_EDE_CBC with HMAC-SHA1)."_ So it might simply be that on your system making HTTPS connections with sites that only support outdated security protocols is disabled. Is your PHP error reporting set properly to show warnings? – CBroe Oct 26 '16 at 20:44
  • Yes, it is. ini_set("display_errors", 1); ini_set("error_reporting", E_ALL ^ E_NOTICE); Anyway my chrome show me (i) before the link and no green but if I read the info, that said: Valid Certificate The connection to this site is using a valid, trusted server certificate. – Bunny.hu Oct 26 '16 at 21:04
  • Yes, but if you check the details, you should see the same warning message I quoted. And for me the above line of code works fine, and returns the headers. – CBroe Oct 26 '16 at 21:10
  • Any suggestion, what can I do in my PC? I am using xampp with close default settings. But you are damn right, I upload the code to my server and from there I got result. Hmm, but I never have same problem on my local webserver on my PC. What kind of outdated security protocol, do you have any idea? Or how can I check, what I have on my local server? – Bunny.hu Oct 26 '16 at 21:21
  • The ones the quoted message mentions ... Check here how you can change the settings, http://superuser.com/a/882651 (you might need to adjust the values to the specific cipher suite the site uses, according to the browser message.) – CBroe Oct 26 '16 at 21:25
  • Thanks for your time, CBroe! I will do my homework with the apache settings. ATM it is not working, but I am sure, you are right. I found some sign in the httpd-ssl.conf file, and try to add/modify that the [link]superuser.com/a/882651 mentioned without success. But, because my code working on the live server, I am happy. I would like to set your comment as an answer, but I cannot. If you can please do an answer, I am happy to do it. – Bunny.hu Oct 27 '16 at 06:28

1 Answers1

0

My browser shows warning about that site's HTTPS connection:

The connection to this site uses an obsolete protocol (TLS 1.0), an obsolete key exchange (RSA), and an obsolete cipher (3DES_EDE_CBC with HMAC-SHA1).

So it might simply be that on your system making HTTPS connections with sites that only support outdated security protocols is disabled.

Which Apache config settings regarding SSL are relevant, can be found here: https://superuser.com/a/882651

Community
  • 1
  • 1
CBroe
  • 91,630
  • 14
  • 92
  • 150