1
使用IIS在Windows Server 2008 R2上運行PHP 5.3.28和curl 7.30.0(OpenSSL/0.9.8y & libssh2/1.4.2)。PayPal IPN監聽器 - SSL證書握手失敗
我使用他們的沙盒環境中創建一個IPN偵聽貝寶即時付款通知,但無論我做什麼,我得到的SSL證書的錯誤:
error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
這裏是我的代碼(其中$fields是正確的領域POST回):
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://www.sandbox.paypal.com/cgi-bin/webscr';
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $fields);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FAILONERROR, true);
if ($result = curl_exec($ch)) {
echo 'result = '.$result.'<br>';
} else {
echo 'result = '.$result.'<br>';
echo 'errno = '.curl_errno($ch).'<br>';
echo 'error = '.curl_error($ch).'<br>';
}
curl_close($ch);
所以,我的理解是PayPal的服務器requires TLS 1.2 and does not support SSL 2/3,但我似乎無法讓我的POST請求工作。我已經試過:
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
...我得到同樣的錯誤。我也試過:
curl_setopt($ch, CURLOPT_SSLVERSION, n);
...它得到以下結果:
- [默認] =
35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure - 0 CURL_SSLVERSION_DEFAULT =
35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure - 1 CURL_SSLVERSION_TLSv1 =
35 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure - 2 CURL_SSLVERSION_SSLv2 =
4 OpenSSL was built without SSLv2 support - 3 CURL_SSLVERSION_SSLv3 =
35 error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure - 4 CURL_SSLVERSION_TLSv1_0 =
35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure - 5 CURL_SSLVERSION_TLSv1_1 =
35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure - 6 CURL_SSLVERSION_TLSv1_2 =
35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
我還讀的地方嘗試這種:
curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__) . '\cacert.pem');
哪裏cacert.pem從http://curl.haxx.se/docs/caextract.html下載並放置在與我的腳本相同的目錄中。這沒有任何區別。
我的代碼是否正確..?
如何使這項工作..?