Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Paypal can not connect to Sandbox server. Return error 14077410 (sslv3 alert handshake failure)

The site that connect sandbox paypal works , until recently

it can connect will curl

but when it send the request at the second time

it show the error of

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

I have tried some reference online and set the SSL SHA-256 cert of it but it return same error. Other suggest switch to TLS at the curl connection but it may not perfered as there are many project I have handled.

Are there any suggestion to connect sandbox paypal with SSLv3? Thanks for helping.

enter image description here

enter image description here

enter image description here

like image 943
user3538235 Avatar asked Jan 14 '16 13:01

user3538235


2 Answers

You'll have to switch the cURL request to use TLS 1.2 in order to use the PayPal sandbox. I'm in the same boat, and there's no way around it, unfortunately. They just activated the change on the sandbox environment a few days ago.

https://devblog.paypal.com/upcoming-security-changes-notice/

like image 142
0kay Avatar answered Nov 16 '22 12:11

0kay


I'll add some extra info on this since the first answer doesn't really cover all of the important points.

Paypal has started rolling out some upgrades, the sandbox now requires TLS 1.2 for all requests, and production systems will also require this from June 2016 onwards.

To support this you will need to:

  • Ensure your server has OpenSSL 1.0.1 or above (which is when TLS 1.2 support was added).
    openssl version will show you your version number.

  • Once you meet that criteria, in your PHP code you can force the SSLVERSION to TLS 1.2 with the following command:

    curl_setopt($curl, CURLOPT_SSLVERSION, 6);
    

Or if you want a less hacky solution, it is possible to have the correct SSL version kick in automatically during the handshake, where the client and server compare available ciphers to find a common protocol. You appear to be using PHP + curl, so you'll need PHP 5.5.19+ and curl 7.29+ for this to take place.

like image 11
Matt O Avatar answered Nov 16 '22 12:11

Matt O