Skip to main content

cURL Error(7)

Comments

12 comments

  • cPanelLauren
    Hi @eVdaimon This is most commonly an issue with TLSv 1.2 it's discussed on their site here: PAY request returns SSL connect error " Issue #64 " paypal/adaptivepayments-sdk-php
    0
  • eVdaimon
    Thank you for your response. I have came across one of the links. Following the other one, I found different versions for openssl on the machine: [root ~]# php --ri openssl openssl OpenSSL support => enabled OpenSSL Library Version => OpenSSL 1.0.2q 20 Nov 2018 OpenSSL Header Version => OpenSSL 1.0.2q 20 Nov 2018 Openssl default config => /opt/cpanel/ea-openssl/etc/pki/tls/openssl.cnf
    [root ~]# openssl OpenSSL> version OpenSSL 1.0.1e-fips 11 Feb 2013
    ~]# yum info openssl Installed Packages Name : openssl Arch : x86_64 Version : 1.0.1e Release : 57.el6 Size : 4.1 M Repo : installed From repo : base Summary : A general purpose cryptography library with TLS implementation URL : http://www.openssl.org/ License : OpenSSL
    I also found this similar forums topic that has no final solution for the same issue:
    0
  • cPanelLauren
    Hi @eVdaimon Can you run the following on your server and let me know the output? rpm -qa |grep openssl
    Thanks!
    0
  • eVdaimon
    Here it is: [root]# rpm -qa |grep openssl ea-openssl-1.0.2q-1.1.1.cpanel.x86_64 openssl-devel-1.0.1e-57.el6.x86_64 openssl-1.0.1e-57.el6.x86_64 [root]#
    0
  • cPanelLauren
    Hi @eVdaimon If you run yum check-update openssl
    is there an update available? If not do you have anything excluding OpenSSL updates in /etc/yum.conf? grep "exclude" /etc/yum.conf
    Also if you go to WHM>>Service Configuration>>Apache Configuration -> Global Configuration ->SSL/TLS Protocols can you tell me what protocols are enabled? Thanks!
    0
  • eVdaimon
    I do not see an update: # yum check-update openssl Loaded plugins: fastestmirror, security, universal-hooks Loading mirror speeds from cached hostfile * EA4: 208.74.123.62 * cpanel-addons-production-feed: 208.74.123.62 * base: repos.dfw.quadranet.com * epel: d2lzkl7pfhq30w.cloudfront.net * extras: repos.dfw.quadranet.com * updates: repos.dfw.quadranet.com
    Here are the exclude options: ]# grep "exclude" /etc/yum.conf exclude=bind-chroot courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* nsd* p0f php* proftpd* pure-ftpd* spamassassin* squirrelmail*
    The Ssl/Tls protocols there are: All -SSLv2 -SSLv3 The default option is TLSv1.2 though but is not checked. In a production site, I used this to check what is used: echo CURL_SSLVERSION_TLSv1_2; echo '
    '; $curl_info = curl_version(); echo $curl_info['ssl_version'>;

    I get: 6 OpenSSL/1.0.2q Thank you
    0
  • cPanelLauren
    Hi @eVdaimon Can you please open a ticket using the link in my signature? I believe we can help you resolve this if we're able to look into the issue more in-depth Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks!
    0
  • eVdaimon
    Thank you. I have created a ticket. Your Support Request ID is: 11210247
    0
  • cPanelLauren
    Great, I'm watching that ticket and I'll add an update here with the analyst's findings as soon as available.
    0
  • cPanelLauren
    Hello, Based on the ticket it looks like the analysts were no longer able to replicate a connection issue. Can you confirm you're now able to connect to paypal successfully?
    0
  • eVdaimon
    The analysts were not able to replicate it, indeed. It is because the server works fine most of the time and when it does, the issue does not happen. At some point it breaks and it is not only connection to PayPal that suffers but in general, any connection to a tls host. We will wait for a time when the problem appears again, so the analysts can check it that time.
    0
  • eVdaimon
    Hello, I posted to contribute the final verdict as found by cPanel support tickets. It seems that nscd was responsible for these errors. A possible corruption of the "hosts" cache files has been indicated as the possible source of the trouble. This was the commands chosen to fix it. 21:44:32] [11210247] [~]$ nscd --invalidate=hosts [21:45:20] [11210247] [~]$ /scripts/restartsrv_nscd --status nscd (/usr/sbin/nscd) is running as nscd with PID 45264 (pidfile+/proc check method). There is no certainty that the problem will not re-appear but still the issue needs to be flagged as solved as the source was identified and the fix above worked. Thank you
    0

Please sign in to leave a comment.