Error 0x1408F10B: "SSL3_GET_RECORD:wrong version number" with PayPal SDK
UPDATE: As Jaffer noted, PayPal's GitHub repository has already merged the changes below, so you might just update your SDK.
At least this seems to work for now, though I will have to investigate what protocol it will actually use.
\PayPal\Core\PPHttpConfig::$DEFAULT_CURL_OPTS[CURLOPT_SSLVERSION] = 1;// 0 = default protocol (likely TLSv1), 1 = TLSv1; unsafe: 2 = SSLv2, 3 = SSLv3
For other people using cURL directly, just use
curl_setopt($handle, CURLOPT_SSLVERSION, 1);
UPDATE:
Just looked up the source to cURL, these are the values (//
comments mine):
enum { CURL_SSLVERSION_DEFAULT, // 0 CURL_SSLVERSION_TLSv1, // 1 CURL_SSLVERSION_SSLv2, // 2 CURL_SSLVERSION_SSLv3, // 3 CURL_SSLVERSION_LAST /* never use, keep last */ // 4};
So to summarize, yes, 1 is TLSv1 and judging from the comment, is probably better than 4.
Updated code above.
PayPal have officially released an update to the PHP SDK to address this issue, which was posted in the Github PR Jaffer linked to
https://github.com/paypal/rest-api-sdk-php/releases/tag/v0.13.1
For people who are using https://github.com/Quixotix/PHP-PayPal-IPN, just set false to force_ssl_v3:
$listener = new IpnListener();$listener->force_ssl_v3 = false;