guzzle: cURL error 35: Unknown SSL protocol error

Hi guys,

I have problems connecting with Guzzle through a proxy to any SSL site. If I try it with standard cURL in PHP it works fine, however, with Guzzle the connection fails and returns:

[GuzzleHttp\Exception\ConnectException]
cURL error 35: Unknown SSL protocol error in connection to api.ipify.org:443

The cURL code that works well:

    $options = array(
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_PROXY => '1.2.3.4:1234',
        CURLOPT_PROXYUSERPWD => "proxy:auth",
    );

    $ch      = curl_init( 'https://api.ipify.org?format=json' );
    curl_setopt_array( $ch, $options );
    $content = curl_exec( $ch );
    $err     = curl_errno( $ch );
    $errmsg  = curl_error( $ch );
    $header  = curl_getinfo( $ch );
    curl_close( $ch );

    $header['errno']   = $err;
    $header['errmsg']  = $errmsg;
    $header['content'] = $content;

    print_r($header);

The Guzzle code that fails:

    // http client
    $this->client = $client = new Client([
        'cookies' => true
    ]);

    $res = $this->client->request('GET', 'https://api.ipify.org?format=json', [
        'proxy' => 'https://proxy:auth@1.2.3.4:1234',
        'verify' => false,
        'curl' => [
            //CURLOPT_SSLVERSION => 3
            //CURLOPT_SSLVERSION => CURL_SSLVERSION_DEFAULT,
            CURLOPT_SSL_VERIFYPEER => false
        ],
    ]);

print_r($res);

Any ideas? I’m guessing it has something to do how Guzzle handles HTTP SSL requests, since it is also using cURL underlying, I am confused why this wouldn’t work.

Thanks

About this issue

  • Original URL
  • State: closed
  • Created 9 years ago
  • Comments: 18 (4 by maintainers)

Most upvoted comments

This worked for me: yum update nss

Source: https://serverfault.com/a/642203

+6
jorwan on Dec 13, 2017

try this into Dockerfile

RUN apt-get update -yqq \
 && apt-get install -y --no-install-recommends openssl \
 && sed -i 's,^\(MinProtocol[ ]*=\).*,\1'TLSv1.0',g' /etc/ssl/openssl.cnf \
 && sed -i 's,^\(CipherString[ ]*=\).*,\1'DEFAULT@SECLEVEL=1',g' /etc/ssl/openssl.cnf\
 && rm -rf /var/lib/apt/lists/*
+3
ruannawe on Mar 30, 2020

I’ve had a similar issue where I had to set the CURLOPT_SSLVERSION and it was only process of elimatination that I found the correct SSL protocol

See my issue and solution below; https://github.com/guzzle/guzzle/issues/1364

+2
OAFCROB on Jan 19, 2016

@tomavic I was calling a soap request inside a laravel controller using Guzzle, as it wasn’t working, I changed the code that made the request inside the controller and put it inside a Laravel Job and it ended up working, but soon after it stopped working again. So I don’t know what else to do: /

+1
ruannawe on Mar 30, 2020
Read more comments on GitHub
← guzzle: Connection or File Descriptor leak when HTTP Exception occurs in async batch
guzzle: Debug request option causes fatal error. →