PHP curl_exec failing with HTTPS

by

I have a wordpress site that its failing. I tracked the issue and I found that is due to curl_exec() failing with HTTPS sites.

I’m running php 5.6 in a Alpine Linux v3.8 container with lighttpd.

The logs (error.log) don’t give too much information:

(http-header-glue.c.1250) read(): Connection reset by peer 8 9
(gw_backend.c.2149) response not received, request sent: 1017 on socket: unix:/var/run/lighttpd/php.socket-0 for /curl_test.php?, closing connection

These are the related packages which are installed:

php5-common-5.6.40-r0
php5-cgi-5.6.40-r0
php5-gd-5.6.40-r0
php5-iconv-5.6.40-r0
php5-json-5.6.40-r0
php5-mysqli-5.6.40-r0
php5-zip-5.6.40-r0
php5-xml-5.6.40-r0
php5-dom-5.6.40-r0
php5-intl-5.6.40-r0
php5-ctype-5.6.40-r0
php5-mysql-5.6.40-r0
php5-openssl-5.6.40-r0
php5-curl-5.6.40-r0
curl-7.61.1-r2
libcurl-7.64.1-r1
libssl1.1-1.1.1b-r1
ssl_client-1.30.1-r1
libressl2.7-libcrypto-2.7.5-r0
libressl2.7-libssl-2.7.5-r0
libssl1.0-1.0.2r-r0
lighttpd-1.4.53-r1
lighttpd-openrc-1.4.53-r1
openssl-1.0.2r-r0
ca-certificates-cacert-20190108-r0
ca-certificates-20190108-r0

I have tried to display errors on screen (using error_reporting, etc) but it seems that its crashing before being able to get the error.

I found this similar question, but I believe its not about the code, but more about some library or setting missing in my installation.

The code I’m using for testing is:

error_reporting(E_ALL); ini_set('display_errors', 1);
$curl = curl_init( 'https://example.com' );
curl_setopt($curl, CURLOPT_CAINFO, '/etc/lighttpd/cacert.pem');
curl_setopt($curl, CURLOPT_CAPATH, '/etc/ssl/certs');
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, array( 'field1' => 'some data', 'field2' => 'some more data' ) );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, true );
$response = curl_exec( $curl );
curl_close( $curl );

Note: I downloaded cacert.pem from here, and /etc/ssl/certs/ is not empty.

The error displayed is: “500 Internal Server Error”.

Not even disabling SSL check works:

curl_setopt($curl, CURLOPT_VERBOSE, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

All works if instead of “https” I change it to “http”.

What am I missing?

UPDATE (1)

Following this question I executed:

$w = stream_get_wrappers();
echo 'openssl: ',  extension_loaded  ('openssl') ? 'yes':'no', "\n";
echo 'http wrapper: ', in_array('http', $w) ? 'yes':'no', "\n";
echo 'https wrapper: ', in_array('https', $w) ? 'yes':'no', "\n";
echo 'wrappers: ', var_export($w);

The result is:

openssl: yes
http wrapper: yes
https wrapper: yes
wrappers: array (
  0 => 'compress.zlib',
  1 => 'php',
  2 => 'file',
  3 => 'glob',
  4 => 'data',
  5 => 'http',
  6 => 'ftp',
  7 => 'https',
  8 => 'ftps',
  9 => 'zip',
)

Note: allow_url_fopen is on.

UPDATE (2)

I moved the site into a fresh container and it works fine. Some library or something was causing this issue.

Answer

I faced this issue in another container and updating to php7 solved the issue.

Attribution
Source : Link , Question Author : lepe , Answer Author : lepe

Leave a Comment