cURL / Mailing Lists / curl-and-php / Single Mail

curl-and-php

Case of gnutls_handshake() failed: A TLS warning alert has been received.

From: Daniel Fylstra <Daniel_at_solver.com>
Date: Fri, 24 May 2013 23:33:02 +0000

I would appreciate any advice about this TLS warning situation:

I am calling a REST API via https with pretty standard parameters: https://api.social123.com/services/socialdata.php?rquest=searchcontactpoints&key=xxx&first_name=xxx&last_name=xxx&content_mention=NULL-NULL

Entering this URL in a browser (with an appropriate API key) yields the expected JSON result. When I try this in PHP on our server, I get "gnutls_handshake() failed: A TLS warning alert has been received" from curl_error(). I've read online about this error message, but I can't figure out what's happening in this situation.

A verbose error trace yields:

* About to connect() to api.social123.com port 443 (#0)
* Trying 198.199.79.238... * connected
* Connected to api.social123.com (198.199.79.238) port 443 (#0)
* found 141 certificates in /etc/ssl/certs/ca-certificates.crt
* gnutls_handshake() failed: A TLS warning alert has been received.
* Closing connection #0

From this code:

  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL, $url);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
  curl_setopt($ch, CURLOPT_MAXREDIRS, 4000);
  curl_setopt($ch, CURLOPT_TIMEOUT, 30);
  curl_setopt($ch, CURLOPT_STDERR, fopen($path, 'w+'));
  curl_setopt($ch, CURLOPT_VERBOSE, 1);
  $json = curl_exec($ch);
  $errmsg = curl_error($ch);
  curl_close($ch);

(The high MAXREDIRS and TIMEOUT values were recommended by the social123 API provider; I don't think they matter to this problem.)

I cannot create or modify /etc/ssl/certs/ca-certificates.crt directly, but I can look at it, and indeed there are 141 certificates in that file. Am I hitting a limit on the number of certificates that this cURL version will handle? If that's not the issue ... how can I find out more about the reason for the TLS warning alert?

This is running on a server where I have limited control.
phpinfo() shows:
libcurl/7.19.7 GnuTLS/2.8.5 zlib/1.2.3.3 libidn/1.15
PHP Version 5.2.17 on an Unbuntu OS

Thanks in advance.

_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2013-05-25

This message: [ Message body ]
Next message: Daniel Stenberg: "Re: Case of gnutls_handshake() failed: A TLS warning alert has been received."
Next in thread: Daniel Stenberg: "Re: Case of gnutls_handshake() failed: A TLS warning alert has been received."
Reply: Daniel Stenberg: "Re: Case of gnutls_handshake() failed: A TLS warning alert has been received."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]