当前位置: 文江博客话题详情

Curl 请求在 SSL 上失败?

发布于 2024-09-26 17:55:01 字数 363 浏览 7 评论 0原文

我有这段代码

    if(ereg("^(https)",$url))
        curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,false);
    // execute, and log the result to curl_put.log
    $result = curl_exec($curl);


    $error = curl_error($curl);

指定的错误是

SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

任何关于原因的想法

原文

I have this code

    if(ereg("^(https)",$url))
        curl_setopt($curl,CURLOPT_SSL_VERIFYPEER,false);
    // execute, and log the result to curl_put.log
    $result = curl_exec($curl);


    $error = curl_error($curl);

The error specified is

SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

Any ideas on the cause

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(8

东京女 2024-10-03 17:55:01

我在使用第三方库时遇到了类似的神秘错误。我尝试了 CURLOPT_SSL_VERIFY[PEER|HOST] 但没有什么区别。我的错误消息类似:

SSL read: error:00000000:lib(0):func(0):reason(0), errno 54

所以我访问了 http://curl.haxx.se/ libcurl/c/libcurl-errors.html,查找错误代码 54。

CURLE_SSL_ENGINE_SETFAILED (54) Failed setting the selected SSL crypto engine as default!

不过这是错误的 - 我在应用程序的其他部分使用curl 发出其他 HTTPS 请求。所以我继续挖掘并发现了这个问题,R & RCurl:libcurl 中出现错误 54,其中包含以下 gem:

您看到的输出来自libcurl源代码中的lib/ssluse.c,其中提到的“errno”不是libcurl错误代码,而是当时实际的errno变量。

因此,不要让 curl_error() 的输出误导您。相反,使用 curl_errno() 来获取正确的

I encountered a similar cryptic error while working with a third-party library. I tried the CURLOPT_SSL_VERIFY[PEER|HOST] but it made no difference. My error message was similar:

SSL read: error:00000000:lib(0):func(0):reason(0), errno 54

So I visited http://curl.haxx.se/libcurl/c/libcurl-errors.html, looking for the error code 54.

CURLE_SSL_ENGINE_SETFAILED (54) Failed setting the selected SSL crypto engine as default!

This was wrong though - I was making other HTTPS requests using curl in other parts of the application. So I kept digging and found this question, R & RCurl: Error 54 in libcurl, which had this gem:

The output you see is from lib/ssluse.c in libcurl's source code and the "errno" mentioned there is not the libcurl error code but the actual errno variable at that time.

So, don't let the output of curl_error() mislead you. Instead, use curl_errno() to obtain the correct error code, which in this case was actually 56, CURLE_RECV_ERROR. Had the wrong host name...

回复 原文
不…忘初心 2024-10-03 17:55:01

使用 SSL,请确保您已从 php.ini 打开openssl 扩展

With SSL, make sure that you have openssl extension turned on from php.ini.

回复 原文
两个我 2024-10-03 17:55:01

我也遇到过同样的问题。事实证明,目标系统上的 ssl 配置有问题。

检查了 php curl 模块、GuzzleHttp 版本、openssl 版本后,我在浏览器中调用了该链接,它起作用了。但是使用 curl --tlsv1 -kv https://www.example.com控制台仍然有错误。

所以我在 https://www.ssllabs.com/ssltest/ 检查了 ssl 配置,它被评为与 B. 还有一些我以前从未见过的在线证书状态协议 (OCSP) 错误。最后,我将目标系统上的配置更改为 https://cipherli.st/ 中的建议,重新启动了网络服务器和所有内容工作了。 ssllabs 的新评级现为 A+。

我的 nginx 配置(Ubuntu 14.04,nginx 1.4.6-1ubuntu3.5):

ssl     on;
ssl_certificate /etc/ssl/certs/1_www.example.com_bundle.crt;
ssl_certificate_key     /etc/ssl/private/www.example.com.key;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_cache shared:SSL:10m;
#ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify off; # Requires nginx => 1.3.7
ssl_dhparam /etc/ssl/private/dhparams.pem;
ssl_trusted_certificate /etc/ssl/startssl.ca.pem;
resolver 8.8.8.8 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; www.example.com; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;

I've had the same problem. It turned out, that the ssl on the target system had a bad configuration.

After checking the php curl module, the GuzzleHttp version, the openssl version I called the link in the browser and it worked. But with curl --tlsv1 -kv https://www.example.com on the console there was still an error.

So I checked the ssl configuration at https://www.ssllabs.com/ssltest/ It was rated with B. And there where some Online Certificate Status Protocol (OCSP) errors I haven't seen before. Finally I changed my configuration on the target system to the suggestions at https://cipherli.st/ restarted the webserver and everything worked. The new rating at ssllabs is now A+.

My nginx configuration (Ubuntu 14.04, nginx 1.4.6-1ubuntu3.5):

ssl     on;
ssl_certificate /etc/ssl/certs/1_www.example.com_bundle.crt;
ssl_certificate_key     /etc/ssl/private/www.example.com.key;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
ssl_session_cache shared:SSL:10m;
#ssl_session_tickets off; # Requires nginx >= 1.5.9
ssl_stapling on; # Requires nginx >= 1.3.7
ssl_stapling_verify off; # Requires nginx => 1.3.7
ssl_dhparam /etc/ssl/private/dhparams.pem;
ssl_trusted_certificate /etc/ssl/startssl.ca.pem;
resolver 8.8.8.8 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; www.example.com; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
回复 原文
很酷不放纵 2024-10-03 17:55:01

我认为你的意思是使用 CURLOPT_SSL_VERIFYHOST,而不是 CURLOPT_SSL_VERIFYPEER

I think you mean to use CURLOPT_SSL_VERIFYHOST, not CURLOPT_SSL_VERIFYPEER

回复 原文
氛圍 2024-10-03 17:55:01

添加这个:

curl_setopt( $curl, CURLOPT_SSL_VERIFYHOST, 0);

我有同样的错误并且对我来说工作得很好。

add this:

curl_setopt( $curl, CURLOPT_SSL_VERIFYHOST, 0);

I had the same error and worked fine for me.

回复 原文
濫情▎り 2024-10-03 17:55:01

我的函数 curl_error 打印了相同的错误,但这不一定与 SSL 有关。最好使用函数 curl_errno 打印精确的错误号,这样您就可以从那里更好地诊断。就我而言,它返回了 52 错误代码,我可以从那里进行调试,事实上另一台服务器没有发送任何数据。

I had the same error printed by the function curl_error but this is not necessarily related to SSL. It is better to print the precise error number with the function curl_errno and you can diagnose better from there. In my case it returned me a 52 error code and I could debug from there, in fact the other server was not sending any data.

回复 原文
墨落成白 2024-10-03 17:55:01

这意味着目标服务器需要 SSL 通信。

您应该为您运行 CURL 请求的发送服务器生成 SSL 证书

Let's Encrypt 是第一个免费且开放的 CA

此处描述了所有内容 sslforfree.com

在此处输入图像描述

It means the destination server require an SSL communication.

You should generate an SSL certificate for your sending server from wich you run the CURL request

Let's Encrypt is the first free and open CA

Everything is described here sslforfree.com

enter image description here

回复 原文
终难愈 2024-10-03 17:55:01

我解决了这个curl错误:“SSL read: error:00000000:lib(0):func(0):reason(0), errno 104”,方法是从我的url查询参数值(逗号分隔值)中删除额外的空格。

例如:

https://example.com?a=123,456,SPACE_ADDED_BY_MISTAKE789

https://example.com?a=123,456,789

I solved this curl error: "SSL read: error:00000000:lib(0):func(0):reason(0), errno 104" by removing extra space from my url query parameter value (comma separated values).

For example:

https://example.com?a=123,456,SPACE_ADDED_BY_MISTAKE789

to

https://example.com?a=123,456,789

回复 原文
~没有更多了~

关于作者

深海里的那抹蓝

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

胡图图

文章 0 评论 0

zt006

文章 0 评论 0

z祗昰~

文章 0 评论 0

冰葑

文章 0 评论 0

野の

文章 0 评论 0

天空

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文