Page 1 of 1

[1.15.3] HTTPS Feeds with TLS don't work

Posted: 23 Jan 2015, 15:44
by foo_mep2
i have the same problem with version 1.15.3. the error is:

Code: Select all

Couldn't download the specified URL: 35 error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure


in function.php i can't find

Code: Select all

if ((OPENSSL_VERSION_NUMBER >= 0x0090808f) && (OPENSSL_VERSION_NUMBER < 0x10000000)) {
curl_setopt($ch, CURLOPT_SSLVERSION, 3);
}


its delete in 1.15.3? i want to subscribe this feed: https://www.wallabag.org/feeds/all.atom.xml

the output on the command line "echo dechex(OPENSSL_VERSION_NUMBER).PHP_EOL;" is 009080ff

i hope anybody help me :) thx

Re: [1.9] HTTPS Feeds with TLS don't work anymore

Posted: 23 Jan 2015, 19:23
by fox
sorry about your broken shit curl or w/e it works for me fine

Re: [1.9] HTTPS Feeds with TLS don't work anymore

Posted: 23 Jan 2015, 23:44
by foo_mep2
fox wrote:sorry about your broken shit curl or w/e it works for me fine


do you mean you have up- or downdate your openssl version?
i'm not possible to do that because i have a shared hoster.

i have openssl version 0.9.8o (9080ff). which version i have to use?

Re: [1.9] HTTPS Feeds with TLS don't work anymore

Posted: 25 Jan 2015, 21:14
by foo_mep2
which version of openssl is requisite for ssl feeds?
maybe my hoster can update openssl for me :)

Re: [1.9] HTTPS Feeds with TLS don't work anymore

Posted: 25 Jan 2015, 21:22
by JustAMacUser
A similar error to what you described came up in a quick Google search for version 0.9.8. But it would be helpful to know which OS you're running. It's possible that the version of OpenSSL is the highest one the developers provide (only backporting security updates, for example).

Does this particular feed require SSL? Is it an authenticated feed (username and password)?

Provide some of that info and let's go from there.

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 26 Jan 2015, 11:42
by foo_mep2
Ok, the phpinfo(); show this information:

Code: Select all

PHP Version 5.4.36-1~he.0
System: Linux wp123 3.10.5-he-wp2005-x64+6+ #6 SMP Fri Jun 6 13:32:38 UTC 2014 x86_64
Server API: Apache 2.0 Handler

curl
SSL Version: OpenSSL/0.9.8o

openssl
OpenSSL support: enabled
OpenSSL Library Version: OpenSSL 0.9.8o 01 Jun 2010
OpenSSL Header Version: OpenSSL 0.9.8o 01 Jun 2010


I hope this helps you to find the problem

i have 2 feeds do not go:
https://hetzel.net/feed/
https://www.wallabag.org/feeds/all.atom.xml

they only have a https version and the feeds are not authenticated feeds.

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 26 Jan 2015, 16:04
by Athanasius
OpenSSL 0.9.8o won't work for hetzel.net - checked using https://www.ssllabs.com/ssltest/analyze ... .28.11.114 it says "OpenSSL 0.9.8y Protocol or cipher suite mismatch" (NB: note the footnote points out that a browser might still succeed if it tries other settings subsequently).

It's likely a result of hetzel.net tightening up their SSL settings in response to recent security vulnerabilities and recommendations.

Your only real solution is to get your provider to upgrade the OpenSSL lib (or tell you how to use a later one they do already have installed), or move provider.

I suspect your other problematic feed will show similar results but haven't checked.

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 26 Jan 2015, 17:07
by ZeGuigui
(i'm a spammer and a bad person)

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 28 Jan 2015, 23:32
by foo_mep2
Athanasius wrote:OpenSSL 0.9.8o won't work for hetzel.net - checked using https://www.ssllabs.com/ssltest/analyze ... .28.11.114 it says "OpenSSL 0.9.8y Protocol or cipher suite mismatch" (NB: note the footnote points out that a browser might still succeed if it tries other settings subsequently).

It's likely a result of hetzel.net tightening up their SSL settings in response to recent security vulnerabilities and recommendations.

Your only real solution is to get your provider to upgrade the OpenSSL lib (or tell you how to use a later one they do already have installed), or move provider.

I suspect your other problematic feed will show similar results but haven't checked.


thx, i don't know this website. ok, i think my hoster have a old version of openSSL. after i phoned with them but they can update openSSL.
i think i have to life with this problem. pity. or there is still a possibility to subscribe this ssl-feeds?

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 29 Jan 2015, 07:04
by JustAMacUser
Probably out of luck. This isn't a case of trusting a certificate, it's about the two machines speaking the same language.

You could always get a cheap VPS. Then you'd be able to control the software, libraries, etc. on it.

Re: [1.15.3] HTTPS Feeds with TLS don't work

Posted: 31 Jan 2015, 22:16
by foo_mep2
ok. thank you for help.