Reputation: 1331
Until today my Facebook API under PHP worked well. I did not change anything. But from today on I get the following error:
facebook failed: "error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure /usr/bin/php /var/www/pas/www/cronjobs/cronjob.channelsActions.php
Has anybody got an idea how I could solve that error?
Upvotes: 4
Views: 1381
Reputation: 111
It's because of the POODLE: SSLv3.0 vulnerability (CVE-2014-3566).
After this vulnerability was announced today, many services disabled SSLv3 completely for the time being, including Facebook, and it happens that Facebook uses SSLv3 in their PHP SDK.
I am not sure if you have the same Facebook PHP SDK version as me, but if you have the base_facebook.php file, find the line:
$opts[CURLOPT_SSLVERSION] = 3;
And change it to a value that does not allow SSLv3 any longer (find all constants listed):
$opts[CURLOPT_SSLVERSION] = CURL_SSLVERSION_DEFAULT;
or:
$opts[CURLOPT_SSLVERSION] = CURL_SSLVERSION_TLSv1;
or:
$opts[CURLOPT_SSLVERSION] = CURL_SSLVERSION_TLSv1_0;
This way the Facebook API calls will use TLSv1.0 instead of SSLv3. In my case this line is in the "makeRequest($url, $params, $ch=null)" function at line 963, but depending on the version of the PHP SDK you're using it may differ.
Upvotes: 11
Reputation: 791
My server has not upgraded to PHP 5.5 or 5.6, the version which includes CURL_SSLVERSION_TLSv1_0.
The fix, with older PHP versions, is to comment out the line:
$opts[CURLOPT_SSLVERSION$
Upvotes: 1
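Added example (not part of the answers above and not Facebook SDK code): a PHP check that scans source for CURLOPT_SSLVERSION pinned to SSLv2/SSLv3, as in the base_facebook.php line quoted above, and returns a replacement value that also works on PHP builds without the named constants. The function names and the sample source are constructed for illustration.

```php
<?php
// Added example, not part of the Facebook SDK. Sample source is constructed.

/**
 * Find lines that pin CURLOPT_SSLVERSION to SSLv2/SSLv3, written either as the
 * literal 2/3 (as in base_facebook.php) or as CURL_SSLVERSION_SSLv2/SSLv3.
 * Returns a list of array(lineNumber, trimmedLine).
 */
function findLegacySslPins($source)
{
    // Matches "[CURLOPT_SSLVERSION] = 3", "CURLOPT_SSLVERSION => 3"
    // and "curl_setopt($ch, CURLOPT_SSLVERSION, 3)".
    $pattern = '/CURLOPT_SSLVERSION\s*\]?\s*(?:=>?|,)\s*'
             . '(?:[23]\b|CURL_SSLVERSION_SSLv[23]\b)/';
    $hits = array();
    foreach (preg_split('/\R/', $source) as $i => $line) {
        // Ignore lines that are already commented out.
        if (preg_match('~^\s*(?://|#|\*)~', $line)) {
            continue;
        }
        if (preg_match($pattern, $line)) {
            $hits[] = array($i + 1, trim($line));
        }
    }
    return $hits;
}

/**
 * Value to use instead of the pin. Falls back to 0, which is
 * CURL_SSLVERSION_DEFAULT in libcurl, when PHP does not define the constant.
 */
function negotiatedSslVersion()
{
    return defined('CURL_SSLVERSION_DEFAULT') ? CURL_SSLVERSION_DEFAULT : 0;
}

// Constructed sample covering the common ways the option is set.
$sample = <<<'PHP'
$opts[CURLOPT_SSLVERSION] = 3;
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3);
// $opts[CURLOPT_SSLVERSION] = 3;
$opts[CURLOPT_SSLVERSION] = CURL_SSLVERSION_TLSv1;
$opts = array(CURLOPT_TIMEOUT => 30, CURLOPT_SSLVERSION => 3);
PHP;

foreach (findLegacySslPins($sample) as $hit) {
    printf("line %d pins SSLv2/3: %s\n", $hit[0], $hit[1]);
}
printf("use instead: CURLOPT_SSLVERSION = %d\n", negotiatedSslVersion());
```

To audit a real tree, pass file_get_contents() of each PHP file to findLegacySslPins() in place of the sample string.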
Reputation: 13345
Facebook made the decision to drop support for SSL 3.0 across Facebook properties, including the Facebook Platform API and the Real-Time Updates API, after a serious vulnerability in the protocol was revealed publicly on October 14, 2014 (http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html). This change helps protect people’s information.
Older versions of our PHP SDK (Facebook PHP SDK 3.1.1 and older) that used SSL 3.0 will no longer work. All developers should upgrade to a version of our SDK that uses TLS - Facebook SDK 3.2.3 or greater. We recommend that developers upgrade to our latest SDK, SDK 4.0.0.
Upvotes: 1