Curl error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure111

Question

I have error: Curl error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure111 with this curl settings:

    $oCURL = curl_init();
    curl_setopt($oCURL, CURLOPT_POST, 1);
    curl_setopt ($oCURL, CURLOPT_SSLVERSION, 4);
    curl_setopt($oCURL, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');
    curl_setopt($oCURL, CURLOPT_POSTFIELDS, implode('&', $headers));
    curl_setopt($oCURL, CURLOPT_URL, 'https://' . PRZELEWY24_TYPE . '.przelewy24.pl/trnRegister');
    curl_setopt($oCURL, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($oCURL, CURLOPT_USERAGENT, 'Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)');
    curl_setopt($oCURL, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($oCURL, CURLOPT_SSL_VERIFYPEER, false);

Answer 1

curl_setopt ($oCURL, CURLOPT_SSLVERSION, 4);

This enforces TLS 1.0. No idea why you restrict curl to a TLS protocol version which is kind of obsolete.

curl_setopt($oCURL, CURLOPT_URL, 'https://' . PRZELEWY24_TYPE . '.przelewy24.pl/trnRegister');

It is unclear what PRZELEWY24_TYPE is. But assuming this is sandbox then the requests fails because the site in question does not support TLS 1.0 anymore, only more modern protocols like TLS 1.2 and TLS 1.3.

It is recommended that you simply neither set CURLOPT_SSLVERSION nor CURLOPT_SSL_CIPHER_LIST but use the defaults instead - in which case it will likely work. Note also that you should also not set CURLOPT_SSL_VERIFYPEER to false for a production site since this will open your client to easy man in the middle attacks.