0

I have a legacy system using XMLReader to access a website and it recently started failing with this error:

Warning: XMLReader::open(): SSL operation failed with code 1. OpenSSL Error messages:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
PHP Warning:  XMLReader::open(): Failed to enable crypto

From my understanding, the issue is that the website stopped accepting sslv3. I'm just wondering if there is a way to tell XMLReader to use a different SSL version, or would an update to OpenSSL be required? As mentioned its a legacy system and updating the packages isn't an easy process, so I'm trying to see if there is another way to go about fixing this.

Any input is appreciated.

Josh
  • 62
  • 7

1 Answers1

0

You can try disabling SSL checking:

stream_context_set_default(['ssl' => ['verify_peer' => false, 'verify_peer_name' => false]]);
Dima Opiums
  • 9
  • 4
  • Thanks for the suggestion. Had to update that line to this for it to run: `stream_context_set_default(array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false)));` But I still get the same SSL errors, so it doesn't look like that fixes it. – Josh Feb 12 '20 at 16:51
  • One option could also be: $this->curlOption(CURLOPT_URL, $uri); $this->curlOption(CURLOPT_SSL_VERIFYPEER, FALSE); $this->curlOption(CURLOPT_SSL_VERIFYHOST, 2); $this->curlOption(CURLOPT_SSL_CIPHER_LIST, 'TLSv1'); Or you still have to update openssl, it can also solve the problem above. – Dima Opiums Feb 12 '20 at 17:07