Skip to main content

Upgrading Curl to the latest version

polar504
I installed latest curl from

Comments

20 comments

Date Votes
  • cPRex Jurassic Moderator
    Hey there! In general, you don't want to manually upgrade packages like this outside of what the OS, and cPanel, supports. This will almost certainly lead to unintended consequences for the machine.
    0
  • polar504
    But I had no other way to upgrade the curl.
    0
  • polar504
    I wanted to upgrade to the latest version to fix this issue with WHMCS:
    0
  • vanessa
    Check through this list: PHP cURL SSL connect error 35 - Top Causes and fixes
    0
  • cPRex Jurassic Moderator
    I don't believe upgrading curl will be the solution to this issue, as WHMCS would not recommend upgrading past what the OS can support. Can you put the default curl version back in place and then run this command from the machine and send me that output? curl https://api.mailgun.net -kvL
    0
  • polar504
    Attached.
    0
  • cPRex Jurassic Moderator
    Thanks for that - it looks like the same error as what you're seeing in the interface. This seems more like an issue with the OpenSSL system - can you try running this to see what results you get? openssl s_client -connect api.mailgun.net:443
    0
  • polar504
    Here you are
    0
  • cPRex Jurassic Moderator
    Thanks for that - that confirms there is an SSL issue outside of WHMCS causing the problem, since it happens directly on the command line outside of the WHMCS application. For some reason, your machine isn't able to process SSL certificates. I'd try running this against Google to see if the same issue happens with other hosts, but there is likely something happening on your system that may or may not be related to the Curl adjustments: openssl s_client -connect google.com:443
    When working correctly, it should provide you with a VERY large amount of output that shows all the details about the SSL certificate and connection.
    0
  • vanessa
    What is the output of: rpm -qa |grep -i openssl rpm -qa |grep -i curl Also, please confirm your exact OS version
    0
  • polar504
    Thanks for that - that confirms there is an SSL issue outside of WHMCS causing the problem, since it happens directly on the command line outside of the WHMCS application. For some reason, your machine isn't able to process SSL certificates. I'd try running this against Google to see if the same issue happens with other hosts, but there is likely something happening on your system that may or may not be related to the Curl adjustments: openssl s_client -connect google.com:443
    When working correctly, it should provide you with a VERY large amount of output that shows all the details about the SSL certificate and connection.

    CONNECTED(00000003) depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1 verify return:1 depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 verify return:1 depth=0 CN = *.google.com verify return:1 --- Certificate chain 0 s:CN = *.google.com i:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 i:C = US, O = Google Trust Services LLC, CN = GTS Root R1 2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1 i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA --- Server certificate -----BEGIN CERTIFICATE----- MIIOPTCCDSWgAwIBAgIRANtoSWtOF1D1Epn6e+2xIrgwDQYJKoZIhvcNAQELBQAw RjELMAkGA1UEBhMCVVMxIjAgBgNVBAoTGUdvb2dsZSBUcnVzdCBTZXJ2aWNlcyBM TEMxEzARBgNVBAMTCkdUUyBDQSAxQzMwHhcNMjMwNTI5MDgxNjE3WhcNMjMwODIx MDgxNjE2WjAXMRUwEwYDVQQDDAwqLmdvb2dsZS5jb20wWTATBgcqhkjOPQIBBggq hkjOPQMBBwNCAAQlZ/UFJBpIOeE+pgcobDF1oY6uFYylDkyFY2FG0B2mB1tjmZN+ HU+naG9pf1W4vcW8fxmI3r/4RqER8xybcDs9o4IMHjCCDBowDgYDVR0PAQH/BAQD AgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYE FCFOpCmISZeVvyoo1+xW/LYezeQ6MB8GA1UdIwQYMBaAFIp0f6+Fze6VzT2c0OJG FPNxNR0nMGoGCCsGAQUFBwEBBF4wXDAnBggrBgEFBQcwAYYbaHR0cDovL29jc3Au cGtpLmdvb2cvZ3RzMWMzMDEGCCsGAQUFBzAChiVodHRwOi8vcGtpLmdvb2cvcmVw by9jZXJ0cy9ndHMxYzMuZGVyMIIJzQYDVR0RBIIJxDCCCcCCDCouZ29vZ2xlLmNv bYIWKi5hcHBlbmdpbmUuZ29vZ2xlLmNvbYIJKi5iZG4uZGV2ghUqLm9yaWdpbi10 ZXN0LmJkbi5kZXaCEiouY2xvdWQuZ29vZ2xlLmNvbYIYKi5jcm93ZHNvdXJjZS5n b29nbGUuY29tghgqLmRhdGFjb21wdXRlLmdvb2dsZS5jb22CCyouZ29vZ2xlLmNh ggsqLmdvb2dsZS5jbIIOKi5nb29nbGUuY28uaW6CDiouZ29vZ2xlLmNvLmpwgg4q Lmdvb2dsZS5jby51a4IPKi5nb29nbGUuY29tLmFygg8qLmdvb2dsZS5jb20uYXWC DyouZ29vZ2xlLmNvbS5icoIPKi5nb29nbGUuY29tLmNvgg8qLmdvb2dsZS5jb20u bXiCDyouZ29vZ2xlLmNvbS50coIPKi5nb29nbGUuY29tLnZuggsqLmdvb2dsZS5k ZYILKi5nb29nbGUuZXOCCyouZ29vZ2xlLmZyggsqLmdvb2dsZS5odYILKi5nb29n bGUuaXSCCyouZ29vZ2xlLm5sggsqLmdvb2dsZS5wbIILKi5nb29nbGUucHSCEiou Z29vZ2xlYWRhcGlzLmNvbYIPKi5nb29nbGVhcGlzLmNughEqLmdvb2dsZXZpZGVv LmNvbYIMKi5nc3RhdGljLmNughAqLmdzdGF0aWMtY24uY29tgg9nb29nbGVjbmFw cHMuY26CESouZ29vZ2xlY25hcHBzLmNughFnb29nbGVhcHBzLWNuLmNvbYITKi5n b29nbGVhcHBzLWNuLmNvbYIMZ2tlY25hcHBzLmNugg4qLmdrZWNuYXBwcy5jboIS Z29vZ2xlZG93bmxvYWRzLmNughQqLmdvb2dsZWRvd25sb2Fkcy5jboIQcmVjYXB0 Y2hhLm5ldC5jboISKi5yZWNhcHRjaGEubmV0LmNughByZWNhcHRjaGEtY24ubmV0 ghIqLnJlY2FwdGNoYS1jbi5uZXSCC3dpZGV2aW5lLmNugg0qLndpZGV2aW5lLmNu ghFhbXBwcm9qZWN0Lm9yZy5jboITKi5hbXBwcm9qZWN0Lm9yZy5jboIRYW1wcHJv amVjdC5uZXQuY26CEyouYW1wcHJvamVjdC5uZXQuY26CF2dvb2dsZS1hbmFseXRp Y3MtY24uY29tghkqLmdvb2dsZS1hbmFseXRpY3MtY24uY29tghdnb29nbGVhZHNl cnZpY2VzLWNuLmNvbYIZKi5nb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xl dmFkcy1jbi5jb22CEyouZ29vZ2xldmFkcy1jbi5jb22CEWdvb2dsZWFwaXMtY24u Y29tghMqLmdvb2dsZWFwaXMtY24uY29tghVnb29nbGVvcHRpbWl6ZS1jbi5jb22C FyouZ29vZ2xlb3B0aW1pemUtY24uY29tghJkb3VibGVjbGljay1jbi5uZXSCFCou ZG91YmxlY2xpY2stY24ubmV0ghgqLmZscy5kb3VibGVjbGljay1jbi5uZXSCFiou Zy5kb3VibGVjbGljay1jbi5uZXSCDmRvdWJsZWNsaWNrLmNughAqLmRvdWJsZWNs aWNrLmNughQqLmZscy5kb3VibGVjbGljay5jboISKi5nLmRvdWJsZWNsaWNrLmNu ghFkYXJ0c2VhcmNoLWNuLm5ldIITKi5kYXJ0c2VhcmNoLWNuLm5ldIIdZ29vZ2xl dHJhdmVsYWRzZXJ2aWNlcy1jbi5jb22CHyouZ29vZ2xldHJhdmVsYWRzZXJ2aWNl cy1jbi5jb22CGGdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGV0YWdz ZXJ2aWNlcy1jbi5jb22CF2dvb2dsZXRhZ21hbmFnZXItY24uY29tghkqLmdvb2ds ZXRhZ21hbmFnZXItY24uY29tghhnb29nbGVzeW5kaWNhdGlvbi1jbi5jb22CGiou Z29vZ2xlc3luZGljYXRpb24tY24uY29tgiQqLnNhZmVmcmFtZS5nb29nbGVzeW5k aWNhdGlvbi1jbi5jb22CFmFwcC1tZWFzdXJlbWVudC1jbi5jb22CGCouYXBwLW1l YXN1cmVtZW50LWNuLmNvbYILZ3Z0MS1jbi5jb22CDSouZ3Z0MS1jbi5jb22CC2d2 dDItY24uY29tgg0qLmd2dDItY24uY29tggsybWRuLWNuLm5ldIINKi4ybWRuLWNu Lm5ldIIUZ29vZ2xlZmxpZ2h0cy1jbi5uZXSCFiouZ29vZ2xlZmxpZ2h0cy1jbi5u ZXSCDGFkbW9iLWNuLmNvbYIOKi5hZG1vYi1jbi5jb22CFGdvb2dsZXNhbmRib3gt Y24uY29tghYqLmdvb2dsZXNhbmRib3gtY24uY29tgh4qLnNhZmVudXAuZ29vZ2xl c2FuZGJveC1jbi5jb22CDSouZ3N0YXRpYy5jb22CFCoubWV0cmljLmdzdGF0aWMu Y29tggoqLmd2dDEuY29tghEqLmdjcGNkbi5ndnQxLmNvbYIKKi5ndnQyLmNvbYIO Ki5nY3AuZ3Z0Mi5jb22CECoudXJsLmdvb2dsZS5jb22CFioueW91dHViZS1ub2Nv b2tpZS5jb22CCyoueXRpbWcuY29tggthbmRyb2lkLmNvbYINKi5hbmRyb2lkLmNv bYITKi5mbGFzaC5hbmRyb2lkLmNvbYIEZy5jboIGKi5nLmNuggRnLmNvggYqLmcu Y2+CBmdvby5nbIIKd3d3Lmdvby5nbIIUZ29vZ2xlLWFuYWx5dGljcy5jb22CFiou Z29vZ2xlLWFuYWx5dGljcy5jb22CCmdvb2dsZS5jb22CEmdvb2dsZWNvbW1lcmNl LmNvbYIUKi5nb29nbGVjb21tZXJjZS5jb22CCGdncGh0LmNuggoqLmdncGh0LmNu ggp1cmNoaW4uY29tggwqLnVyY2hpbi5jb22CCHlvdXR1LmJlggt5b3V0dWJlLmNv bYINKi55b3V0dWJlLmNvbYIUeW91dHViZWVkdWNhdGlvbi5jb22CFioueW91dHVi ZWVkdWNhdGlvbi5jb22CD3lvdXR1YmVraWRzLmNvbYIRKi55b3V0dWJla2lkcy5j b22CBXl0LmJlggcqLnl0LmJlghphbmRyb2lkLmNsaWVudHMuZ29vZ2xlLmNvbYIb ZGV2ZWxvcGVyLmFuZHJvaWQuZ29vZ2xlLmNughxkZXZlbG9wZXJzLmFuZHJvaWQu Z29vZ2xlLmNughhzb3VyY2UuYW5kcm9pZC5nb29nbGUuY24wIQYDVR0gBBowGDAI BgZngQwBAgEwDAYKKwYBBAHWeQIFAzA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8v Y3Jscy5wa2kuZ29vZy9ndHMxYzMvUU92SjBOMXNUMkEuY3JsMIIBBQYKKwYBBAHW eQIEAgSB9gSB8wDxAHYA6D7Q2j71BjUy51covIlryQPTy9ERa+zraeF3fW0GvW4A AAGIZstPKgAABAMARzBFAiEAkaZ4KEZDCfo0pI4ExanN+ydoS0savOtc8Rs0b8+m FwwCIGpTsy1bVEA5vFJEMoMHGWbFJPKzqsho9C5boRgJUpDsAHcAejKMVNi3LbYg 6jjgUh7phBZwMhOFTTvSK8E6V6NS61IAAAGIZstPWwAABAMASDBGAiEAnBcxwgHu GWM/m9HSNW/WbUekwjBaPBojH5sqg2Niy+gCIQCGxRD5SrnX+8d0Rc1SkMxRAEDC pB54n+bkvDY2Yd1fCjANBgkqhkiG9w0BAQsFAAOCAQEAix6VvDU0495lmpAsl8N7 bBOGo7zo0ZgQhJaJDdQ1Lmfmja3OmhgnZHuuPSuaIgaudMWgJBUtvuq14dR69hkO kRuUjrLmI6N4bZE96mFsKDCxHoqwvr1Z4ToyDZT/061ClJGXFSV4oVQnjgYQe4S9 HdgcgEf4VTvyXSPf9H101iL+f06BDRKbmYx2oDyvbvOAjZo7jA+5v43VwyvK5v4v /iKYcqhAU72B0zSEHrPhocDDGrr9AoPs2g1oMOhwixKb8bxamDtuu+ZW/24Fu8Lu Dk+PoroeBJSiqe+ufcKH4KM59Vsd7vp6Scfs7/iJ57EDwLdvOmIW/19OvhrNu+3W kA== -----END CERTIFICATE----- subject=CN = *.google.com issuer=C = US, O = Google Trust Services LLC, CN = GTS CA 1C3 --- No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: ECDSA Server Temp Key: X25519, 253 bits --- SSL handshake has read 6780 bytes and written 388 bytes Verification: OK --- New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384 Server public key is 256 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated Early data was not sent Verify return code: 0 (ok)
    0
  • polar504
    What is the output of: rpm -qa |grep -i openssl rpm -qa |grep -i curl Also, please confirm your exact OS version

    It is Operating System: AlmaLinux 8.8 (Sapphire Caracal) # rpm -qa |grep -i openssl alt-openssl11-libs-1.1.1p-2.el8.x86_64 cpanel-perl-536-crypt-openssl-rsa-0.33-1.cp108~el8.x86_64 cpanel-perl-536-crypt-openssl-x509-1.914-1.cp108~el8.x86_64 alt-openssl11-1.1.1p-2.el8.x86_64 cpanel-perl-536-crypt-openssl-bignum-0.09-1.cp108~el8.x86_64 cpanel-perl-536-crypt-openssl-dsa-0.20-1.cp108~el8.x86_64 cpanel-perl-536-crypt-openssl-ec-1.32-1.cp108~el8.x86_64 cpanel-perl-536-crypt-openssl-random-0.15-1.cp108~el8.x86_64 openssl-pkcs11-0.4.10-3.el8.x86_64 openssl-1.1.1k-9.el8_7.x86_64 openssl-libs-1.1.1k-9.el8_7.x86_64 alt-openssl-libs-1.0.2k-2.el8.cloudlinux.10.x86_64 openssl-devel-1.1.1k-9.el8_7.x86_64 [root@htz ~]# rpm -qa |grep -i curl cpanel-perl-536-net-curl-promiser-0.18-1.cp108~el8.noarch ea-php81-php-curl-8.1.20-1.1.1.cpanel.x86_64 curl-7.61.1-30.el8_8.2.x86_64 ea-php82-php-curl-8.2.7-1.1.1.cpanel.x86_64 libcurl-7.61.1-30.el8_8.2.x86_64 alt-curlssl11-7.84.0-1.el8.x86_64 cpanel-perl-536-net-curl-0.50-1.cp108~el8.x86_64 alt-libcurlssl11-7.84.0-1.el8.x86_64
    0
  • polar504
    Check through this list:
    0
  • cPRex Jurassic Moderator
    Have you tried disabling any local firewalls that may be in place? If that doesn't help, it might be best to reach out to WHMCS directly to see if you are blocked on their network somehow, or you could try performing additional network tests from your machine to their server.
    0
  • polar504
    Have you tried disabling any local firewalls that may be in place? If that doesn't help, it might be best to reach out to WHMCS directly to see if you are blocked on their network somehow, or you could try performing additional network tests from your machine to their server.

    there is no firewall. Whmcs support says this is server issue, not related to them. This is not just this api, the same for all.
    0
  • polar504
    This is a server wide issue, nothing to do with whmcs.
    0
  • vanessa
    My first step would be to reinstall all the system openssl and curl packages just to make sure the files in there are clean, especially if you tried to install over them with a compiled version. A previous screenshot you posted indicates that you're able to make a connection, but that OpenSSL isn't able to negotiate a handshake. There could be several reasons for this, but I'm guessing a borked OpenSSL install.
    0
  • polar504
    I found the solution! I had to install SSL on the hostname itself. From WHM I went to "Manage service ssl certificate" and install SSL on all services. Thanks everyone
    0
  • vanessa
    That's incredibly odd that it would affect outbound connections like that, but I'm glad you found the solution.
    0
  • cPRex Jurassic Moderator
    I also don't understand how that would have any affect on the openssl commands, but I'm glad that is working for you now.
    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post