Today a website with PHP 5.5 that was working fine has started to throw this error:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
I have tried many solutions from different questions but I can't find the error.
MAMP SSL error: "error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure"
Here says to change the CURLOPT_SSL_VERIFYPEER to false, but doesn't work.
I have tried with many sslversions and cipher_list, but doesn't work either.
As I said, this problem wasn't here a few days ago, maybe it's something new related with the version 1.6.4.
Any Idea?
If you are pointing to the Sandbox server, recently there were some updates made that would cause that specific error.
Below is the information and link from the PayPal Merchant Technical Support Microsite on the SHA-256 Upgrade:
Support SHA-256. PayPal is upgrading SSL certificates on all Live and Sandbox endpoints from SHA-1 to the stronger and more robust SHA-256 algorithm. You will need to update your integration to support certificates using SHA-256.
Discontinue use of the VeriSign G2 Root Certificate. In accordance with industry standards, PayPal will no longer honor secure connections that require the VeriSign G2 Root Certificate for trust validation. Only secure connection requests that are expecting our certificate/trust chain to be signed by the G5 Root Certificate will result in successful secure connections.
Directly from the PayPal MicroSite: SSL Certificate Upgrade
On January 19-20, 2016 The Sandbox endpoints will be upgraded to new SHA-256, 2048-bit certificates:
api.sandbox.paypal.com api-3t.sandbox.paypal.com api-aa.sandbox.paypal.com api-aa-3t.sandbox.paypal.com svcs.sandbox.paypal.com pointofsale.sandbox.paypal.com ipnpb.sandbox.paypal.com www.sandbox.paypal.com (for IPN)
Here is the link to the PayPal User Guide with detailed instructions on changing your Certificate to a G5 Root Certificate.