I just recently upgraded to OSX 10.10 Yosemite and I since the upgrade I can't do Curl POST to a SSL url anymore.
I first used wordpress's wp_remote_request
call and also tried to use curl in php.
Both (as expected) give the same error message:
Error Number:56
Error String:SSLRead() return error -9806
Note: when I curl POST to HTTP it works fine. I reckon it is a setting in PHP.ini or in my apache (I lost my original HTTPD.conf file after upgrade...).
Can anyone help me out?
I've seen this error happen when php is compiled with a version of cURL that uses Apple's Secure Transport under Yosemite and the target of the URL request doesn't support SSLv3 (which was probably disabled due to the POODLE vulnerability). What is the output of this command?
$ php -i | grep "SSL Version"
I suspect you'll see this:
SSL Version => SecureTransport
You can overcome this by installing a version of php which uses a version of cURL which uses OpenSSL instead of SecureTransport. This is most easily done with homebrew. So install that first if you don't already have it. If homebrew is installed but you haven't run brew update
since upgrading to Yosemite, do that first. Also make sure you've installed XCode >= 6.1 and the latest XCode command line tools. brew doctor
will tell you if you've done it all right.
Add the Homebrew taps below that you will need in order to get brewed php installed. Skip this step if these repos are already tapped. If you're unsure if these repos are already tapped, just run the commands below. Worst case scenario, you'll get a harmless Warning: Already tapped!
$ brew tap homebrew/dupes
$ brew tap homebrew/versions
$ brew tap homebrew/php
Then install curl with openssl:
$ brew install --with-openssl curl
Then install php using the curl you just installed and brewed openssl:
$ brew install --with-homebrew-curl --with-httpd24 php55
if using apache, make sure to add LoadModule php5_module /usr/local/opt/php55/libexec/apache2/libphp5.so
to your /etc/apache2/httpd.conf
and restart apache.
if not using apache 2.4, you can remove --with-httpd24
from the above command.
if using nginx, follow the caveat instuctions for starting fpm:
To launch php-fpm on startup:
mkdir -p ~/Library/LaunchAgents cp /usr/local/opt/php55/homebrew.mxcl.php55.plist ~/Library/LaunchAgents/ launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.php55.plist
Install any php extensions you're going to need eg. mcrypt
.
$ brew install php55-mcrypt
After you're done, run this again:
$ php -i | grep "SSL Version"
And you should see:
SSL Version => OpenSSL/1.0.2h
And now, re-test your application and the SSLRead() return error -9806
should go away.