Cannot refresh the access token in Quickbooks API. Error in checking cURL version for TLS 1.2

Question

We are using the HelloWorld-PHP (https://github.com/IntuitDeveloper/HelloWorld-PHP) project which is available at Github.

We have been using the refreshToken.php file for refreshing the tokens, but recently, we are getting an error:

The error message is "Error in checking cURL version for TLS 1.2. Error Num:[7] Error message:[Failed to connect to www.howsmyssl.com port 443: Connection timed out]"

Is it because www.howsmyssl.com is unavailable?

Detailed error message follows:

object(QuickBooksOnline\API\Exception\SdkException)#28 (7) { ["message":protected]=> string(143) "Error in checking cURL version for TLS 1.2. Error Num:[7] Error message:[Failed to connect to www.howsmyssl.com port 443: Connection timed out]" ["string":"Exception":private]=> string(0) "" ["code":protected]=> int(0) ["file":protected]=> string(94) "/home/ezcomp5/public_html/qbapi/vendor/quickbooks/v3-php-sdk/src/Core/HttpClients/BaseCurl.php" ["line":protected]=> int(115) ["trace":"Exception":private]=> array(6) { [0]=> array(6) { ["file"]=> string(100) "/home/ezcomp5/public_html/qbapi/vendor/quickbooks/v3-php-sdk/src/Core/HttpClients/CurlHttpClient.php" ["line"]=> int(148) ["function"]=> string(12) "versionOfTLS" ["class"]=> string(46) "QuickBooksOnline\API\Core\HttpClients\BaseCurl" ["type"]=> string(2) "->" ["args"]=> array(0) { } } [1]=> array(6) { ["file"]=> string(100) "/home/ezcomp5/public_html/qbapi/vendor/quickbooks/v3-php-sdk/src/Core/HttpClients/CurlHttpClient.php" ["line"]=> int(79) ["function"]=> string(6) "setSSL" ["class"]=> string(52) "QuickBooksOnline\API\Core\HttpClients\CurlHttpClient" ["type"]=> string(2) "->" ["args"]=> array(2) { [0]=> array(8) { [10002]=> string(57) "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer" [10036]=> string(4) "POST" [19913]=> bool(true) [10023]=> array(4) { [0]=> string(23) "Accept:application/json" [1]=> string(144) "Authorization:Basic QUJadm1NdEtFZEFoeDFkR0FGcEpxelh5ZTNTY0tSRk1Fbm81Z3MxbUJ5NzBzYkFkVDY6TFBaazc4c2hwT3JuaUdHWFVzeTNWSnJKR1MwYTNzZ2JLcVFNSk8yTQ==" [2]=> string(46) "Content-Type:application/x-www-form-urlencoded" [3]=> string(16) "connection:close" } [78]=> int(10) [13]=> int(100) [42]=> bool(true) [10015]=> string(89) "grant_type=refresh_token&refresh_token=AB11601828067GGWvx6P6C3Dr79VdhB2R6zZCzxx0hHzFIB8K5" } [1]=> bool(true) } } [2]=> array(6) { ["file"]=> string(100) 
"/home/ezcomp5/public_html/qbapi/vendor/quickbooks/v3-php-sdk/src/Core/HttpClients/CurlHttpClient.php" ["line"]=> int(45) ["function"]=> string(14) "prepareRequest" ["class"]=> string(52) "QuickBooksOnline\API\Core\HttpClients\CurlHttpClient" ["type"]=> string(2) "->" ["args"]=> array(6) 
{ [0]=> string(57) "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer" [1]=> string(4) "POST" [2]=> array(4) { ["Accept"]=> string(16) "application/json" ["Authorization"]=> string(130) "Basic QUJadm1NdEtFZEFoeDFkR0FGcEpxelh5ZTNTY0tSRk1Fbm81Z3MxbUJ5NzBzYkFkVDY6TFBaazc4c2hwT3JuaUdHWFVzeTNWSnJKR1MwYTNzZ2JLcVFNSk8yTQ==" ["Content-Type"]=> string(33) "application/x-www-form-urlencoded" 
["connection"]=> string(5) "close" } [3]=> string(89) "grant_type=refresh_token&refresh_token=AB11601828067GGWvx6P6C3Dr79VdhB2R6zZCzxx0hHzFIB8K5" [4]=> NULL [5]=> bool(true) } } [3]=> array(6) { ["file"]=> 
string(104) "/home/ezcomp5/public_html/qbapi/vendor/quickbooks/v3-php-sdk/src/Core/OAuth/OAuth2/OAuth2LoginHelper.php" ["line"]=> int(251) ["function"]=> string(11) "makeAPICall" ["class"]=> string(52) "QuickBooksOnline\API\Core\HttpClients\CurlHttpClient" 
["type"]=> string(2) "->" ["args"]=> array(6) { [0]=> string(57) "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer" [1]=> string(4) "POST" [2]=> array(4) 
{ ["Accept"]=> string(16) "application/json" ["Authorization"]=> string(130) "Basic QUJadm1NdEtFZEFoeDFkR0FGcEpxelh5ZTNTY0tSRk1Fbm81Z3MxbUJ5NzBzYkFkVDY6TFBaazc4c2hwT3JuaUdHWFVzeTNWSnJKR1MwYTNzZ2JLcVFNSk8yTQ==" ["Content-Type"]=> string(33) "application/x-www-form-urlencoded" 
["connection"]=> string(5) "close" } [3]=> string(89) "grant_type=refresh_token&refresh_token=AB11601828067GGWvx6P6C3Dr79VdhB2R6zZCzxx0hHzFIB8K5" [4]=> NULL [5]=> bool(true) } } [4]=> array(6) { ["file"]=> string(70) "/home/ezcomp5/public_html/qbapi/HelloWorld-PHP-master/refreshToken.php" ["line"]=> int(43) ["function"]=> string(12) "refreshToken" 
["class"]=> string(56) "QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2LoginHelper" ["type"]=> string(2) "->" ["args"]=> array(0) { } } [5]=> array(4) { ["file"]=> string(70) "/home/ezcomp5/public_html/qbapi/HelloWorld-PHP-master/refreshToken.php" ["line"]=> int(71) ["function"]=> string(12) "refreshToken" ["args"]=> array(0) { } } } ["previous":"Exception":private]=> NULL }

Answer 1

The PHP SDK calls www.howsmyssl.com to determine if your PHP cURL is up-to-date enough to make TLS 1.2 enabled calls.

If you're already using the SDK, it's probably safe to assume that you CAN make calls using this. We overrode CurlHttpClient.php and removed this check by commenting out the following lines:

$tlsVersion = $this->basecURL->versionOfTLS();
if(strcmp($tlsVersion, "TLS 1.2") != 0){
  throw new SdkException("Error. Checking TLS 1.2 version failed. Please make sure your PHP cURL supports TSL 1.2");
}

Edit: If you're using composer, update your dependency. They removed this here: https://github.com/intuit/QuickBooks-V3-PHP-SDK/commit/91050cbdc0e82e5f6df8bacc40bfe6e1b232a30e

ref https://help.developer.intuit.com/s/question/0D54R00006p6iWH/the-php-sdk-i-have-now-found-out-the-hard-way-uses-a-3rd-party-service-httpswwwhowsmysslcom-to-confirm-the-tls-version-in-use-eg-tls-12tls-13-it-looks-as-though-tue-26th-nov-2019-8pmishest-the-httpswwwhowsmysslcom-site-went-down