CODEWITHSUNDEEP
phpsslcurl
CyberHelp
CyberHelp

Reputation: 73

PHP cURL SSL Connect Error

I have tried to display content of SSL webpage using file_get_contents() function.

$url = base64_decode("aHR0cHM6Ly93d3cudGVudGtvdHRhLmNvbQ==");
echo file_get_contents($url);

$header = array("Connection: Keep-Alive", "User-Agent: Mozilla/5.0");
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, $header);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 3600);
curl_setopt($ch, CURLOPT_SSLVERSION , 3);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);     
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
curl_setopt($ch, CURLOPT_IPRESOLVE, CURL_IPRESOLVE_V4);
$result = curl_exec($ch);
if($errno = curl_errno($ch)) {
    $error_message = curl_strerror($errno);
    echo "cURL error ({$errno}):\n {$error_message}";
}
curl_close($ch);
echo $result;

But it throws me a warning says,

Warning: file_get_contents(): Failed to enable crypto in

Then I tried to get using cURL library. But it also gives me an error no 35 which is SSL Connect Error.

I have searched on cURL site and it says error while connecting webpage.

CURLE_SSL_CONNECT_ERROR (35)

A problem occurred somewhere in the SSL/TLS handshake. You really want the error buffer and read the message there as it pinpoints the problem slightly more. Could be certificates (file formats, paths, permissions), passwords, and others.

could you please anyone help me with this.

Thank you.

Upvotes: 2

Views: 16213

Answers (1)

Asaph
Asaph

Reputation: 162761

TLDR:

I fixed up your code. Here is a working example:

$url = base64_decode("aHR0cHM6Ly93d3cudGVudGtvdHRhLmNvbQ==");

$header = array("User-Agent: Mozilla/5.0");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$result = curl_exec($ch);
if($errno = curl_errno($ch)) {
    $error_message = curl_strerror($errno);
    echo "cURL error ({$errno}):\n {$error_message}";
}
curl_close($ch);
echo $result;

A Longer Explanation

After base64 decoding $url is equal to https://www.tentkotta.com which (when requested with the code in your question) returns an HTTP 500 Internal Server Error:

https://www.tentkotta.com
HTTP/1.1 500 Internal Server Error
Date: Sat, 04 Jun 2016 02:15:19 GMT
Server: Apache
X-Powered-By: PHP/5.6.21
Set-Cookie: kohanasession=jfl6dh4k386htjpgmh99ns54t1; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: kohanasession=jfl6dh4k386htjpgmh99ns54t1; path=/
Set-Cookie: kohanasession_data=c2Vzc2lvbl9pZHxzOjI2OiJqZmw2ZGg0azM4Nmh0anBnbWg5OW5zNTR0MSI7dG90YWxfaGl0c3xpOjE7X2tmX2ZsYXNoX3xhOjA6e311c2VyX2FnZW50fHM6MDoiIjtpcF9hZGRyZXNzfHM6MTI6Ijk5LjE1MC4yNDUuNCI7bGFzdF9hY3Rpdml0eXxpOjE0NjUwMDY1MTk7TEFTVF9BQ1RJVklUWXxpOjE0NjUwMDY1MTk7Q2l0eUlEfHM6MjoiMTMiOw%3D%3D; path=/
Vary: Accept-Encoding,User-Agent
Content-Length: 828
Connection: close
Content-Type: text/html; charset=UTF-8

<link rel="stylesheet" type="text/css" href="https://www.tentkotta.com/themes/pink/css/style.css" />
 <link rel="shortcut icon" href="https://www.tentkotta.com/themes/pink/images/favicon.ico" type="image/x-icon" />
<div class="container_outer" >
<div class="container_inner">
    <div class="container">
        <div class="content_fourty_four_page">
            <div class="error_inner_page">
            <div class="error_left_im">
                    <img src="https://www.tentkotta.com/themes/pink/images/404_error_img.png"  alt="404 error" />
            </div>
            <div class="error_right_cont">
            <img src="https://www.tentkotta.com/themes/pink/images/error_right_im.png"  alt="404 error" />
            <p>The page you’re looking for cannot be found.</p>
            <a href="javascript:history.back();" title="Back">Back</a>
            </div>
            </div>

        </div>
    </div>
</div>
</div>

To stop causing errors on the server side, you need to change this line:

curl_setopt($ch, CURLOPT_HEADER, $header);

to

curl_setopt($ch, CURLOPT_HTTPHEADER, $header);

CURLOPT_HEADER is for response headers. CURLOPT_HTTPHEADER is for request headers. See the curl_setopt docs for details.

Also, remove this line:

curl_setopt($ch, CURLOPT_SSLVERSION , 3);

SSLv3 has likely been disabled on your target URL due to the POODLE vulnerability. Just let cURL and the host negotiate the best protocol instead of specifying it yourself.

Additionally, the following lines are not necessary since https://www.tentkotta.com does appear to have a valid SSL Certificate:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

Also, if you want the $result variable to contain the response body of the HTTP request, you should add this line:

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

Beyond that many of your other settings such as "Connection: Keep-Alive", CURLOPT_TIMEOUT and CURLOPT_IPRESOLVE aren't helping in this example and can safely be removed.

Upvotes: 3

Related Questions