I’m having a client with an old shop software that has a Paypal plugin which doesn’t seem to work with curl with nss. So I need to change it to openssl.
How can I tell curl to use openssl?
It’s a virtual server with:
CentOS 6.7
Plesk 12.5
Quad-Core AMD Opteron(tm) Processor 2352 (4 core(s))
2
Answers
I’m pretty sure you’ll need to rebuild (or, better/easier, reinstall using your package manager) curl, and you’ll need to be sure you have OpenSSL built/installed beforehand (which I would wager you do in some fashion). I don’t think nss and OpenSSL have the same API, so you can’t do some LD path magic to switch between the two.
I have an old client with server with PHP 5.3.3 using curl with SSL Version NSS/3.12.7.0. We are having trouble sending data to PayWay. They are reporting that the data is sent thru TLS1.0.
I have checked the server using
php -r '$ch = curl_init("https://www.howsmyssl.com/a/check"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); $json = json_decode($data); echo $json->tls_version;'
And it’s returning TLS1.0.
All solutions were to rebuild curl and php. Im on the process of rebuilding the curl. Got some errors and I have to update ca certificates first.
Did
yum update ca-certificates
While updating, I see that
nss
is being updated.After the ca-certificates update, I checked the tls version again, and it is now using TLS1.2!