osx 10.10 Curl POST to HTTPS url gives SSLRead() error

by

I’ve seen this error happen when php is compiled with a version of cURL that uses Apple’s Secure Transport under Yosemite and the target of the URL request doesn’t support SSLv3 (which was probably disabled due to the POODLE vulnerability). What is the output of this command?

$ php -i | grep "SSL Version"

I suspect you’ll see this:

SSL Version => SecureTransport

You can overcome this by installing a version of php which uses a version of cURL which uses OpenSSL instead of SecureTransport. This is most easily done with homebrew. So install that first if you don’t already have it. If homebrew is installed but you haven’t run brew update since upgrading to Yosemite, do that first. Also make sure you’ve installed XCode >= 6.1 and the latest XCode command line tools. brew doctor will tell you if you’ve done it all right.

Add the Homebrew taps below that you will need in order to get brewed php installed. Skip this step if these repos are already tapped. If you’re unsure if these repos are already tapped, just run the commands below. Worst case scenario, you’ll get a harmless Warning: Already tapped!

$ brew tap homebrew/dupes
$ brew tap homebrew/versions
$ brew tap homebrew/php

Then install curl with openssl:

$ brew install --with-openssl curl

Then install php using the curl you just installed and brewed openssl:

$ brew install --with-homebrew-curl --with-httpd24 php55

  • if using apache, make sure to add LoadModule php5_module /usr/local/opt/php55/libexec/apache2/libphp5.so to your /etc/apache2/httpd.conf and restart apache.

  • if not using apache 2.4, you can remove --with-httpd24 from the above command.

  • if using nginx, follow the caveat instuctions for starting fpm:

    To launch php-fpm on startup:

    mkdir -p ~/Library/LaunchAgents
cp /usr/local/opt/php55/homebrew.mxcl.php55.plist ~/Library/LaunchAgents/
launchctl load -w ~/Library/LaunchAgents/homebrew.mxcl.php55.plist

Install any php extensions you’re going to need eg. mcrypt.

$ brew install php55-mcrypt

After you’re done, run this again:

$ php -i | grep "SSL Version"

And you should see:

SSL Version => OpenSSL/1.0.2h

And now, re-test your application and the SSLRead() return error -9806 should go away.

More Related Contents:

  1. Best way to manage long-running php script?
  2. Php-intl installation on XAMPP
  3. How to use the php that brew installed?
  4. PHP files are downloaded by browser instead of processed by local dev server (MAMP)
  5. Installing mcrypt extension for PHP on OSX Mountain Lion
  6. $PATH environment variable for apache2 on mac
  7. UTF-8 all the way through
  8. curl POST format for CURLOPT_POSTFIELDS
  9. deny direct access to a folder and file by htaccess
  10. How to check if mod_rewrite is enabled in php?
  11. Run process with realtime output in PHP
  12. PHP cURL custom headers
  13. PHP code is not being executed, but the code shows in the browser source code
  14. Setting Curl’s Timeout in PHP
  15. How to check what user php is running as?
  16. Pretty URLs with .htaccess
  17. WampServer orange icon
  18. Posting multidimensional array with PHP and CURL
  19. Only variable references should be returned by reference – Codeigniter
  20. Post to a Facebook user’s wall with cURL PHP
  21. php return 500 error but no error log
  22. PHP unable to load php_curl.dll extension
  23. %2F in URL breaks and does not reference to the .php file required [duplicate]
  24. Login to Google with PHP and Curl, Cookie turned off?
  25. Laravel 5 Socialite – cURL error 77: error setting certificate verify locations
  26. CakePHP Database connection “Mysql” is missing, or could not be created
  27. Installing pecl and pear on OS X 10.11 El Capitan, macOS 10.12 Sierra, macOS 10.13 High Sierra (< 10.13.3)
  28. upload multiple files to php server using curl command line
  29. how to enable shell_exec and exec on php?
  30. PHP cURL: how to set body to binary data?

Leave a Comment