php-paypal-error: 14077410:SSL 例程:SSL23_GET_SERVER_HELLO:sslv3 警报握手失败 [英] php-paypal-error: 14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

问题描述

今天，一个运行良好的 PHP 5.5 网站开始抛出此错误:

Today a website with PHP 5.5 that was working fine has started to throw this error:

错误:14077410:SSL 例程:SSL23_GET_SERVER_HELLO:sslv3 警报握手失败

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

我尝试了许多不同问题的解决方案，但我找不到错误所在.

I have tried many solutions from different questions but I can't find the error.

MAMP SSL 错误:"error:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3 警报握手失败"

这里说要将 CURLOPT_SSL_VERIFYPEER 更改为 false，但不起作用.

Here says to change the CURLOPT_SSL_VERIFYPEER to false, but doesn't work.

我尝试了许多 sslversions 和 cipher_list，但也不起作用.

I have tried with many sslversions and cipher_list, but doesn't work either.

我说的这个问题前几天还没有出现，可能是1.6.4版本的新问题.

As I said, this problem wasn't here a few days ago, maybe it's something new related with the version 1.6.4.

有什么想法吗?

推荐答案

如果您指向的是 Sandbox 服务器，那么最近进行的一些更新会导致该特定错误.
以下是来自 PayPal 商家技术支持微型网站的有关 SHA-256 升级的信息和链接:

If you are pointing to the Sandbox server, recently there were some updates made that would cause that specific error.
Below is the information and link from the PayPal Merchant Technical Support Microsite on the SHA-256 Upgrade:

支持 SHA-256. PayPal 正在将所有 Live 和 Sandbox 端点上的 SSL 证书从 SHA-1 升级到更强大、更可靠的证书SHA-256 算法.您将需要更新您的集成以支持使用 SHA-256 的证书.
停止使用 VeriSign G2 根证书.按照行业标准，PayPal将不再兑现安全需要 VeriSign G2 根证书才能信任的连接验证.只有期待我们的安全连接请求由 G5 根证书签署的证书/信任链将导致成功的安全连接.

Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.
Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.

直接来自 PayPal MicroSite:SSL 证书升级

Directly from the PayPal MicroSite: SSL Certificate Upgrade

2016 年 1 月 19-20 日，沙盒端点将升级到新的SHA-256、2048 位证书:

On January 19-20, 2016 The Sandbox endpoints will be upgraded to new SHA-256, 2048-bit certificates:

api.sandbox.paypal.com
api-3t.sandbox.paypal.com
api-aa.sandbox.paypal.com
api-aa-3t.sandbox.paypal.com
svcs.sandbox.paypal.com
pointofsale.sandbox.paypal.com
ipnpb.sandbox.paypal.com
www.sandbox.paypal.com (for IPN)

这是PayPal 用户指南，其中包含有关将证书更改为 G5 根证书的详细说明.

Here is the link to the PayPal User Guide with detailed instructions on changing your Certificate to a G5 Root Certificate.

这篇关于php-paypal-error: 14077410:SSL 例程:SSL23_GET_SERVER_HELLO:sslv3 警报握手失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！