cURL and HTTPS

I had an odd problem the other day whilst building a new WordPress-based ticketing site with payment integration with PayPal Pro. The standard PayPal integration worked fine, but the Pro version kept giving me errors saying that it couldn’t connect to PayPal.

The vendor was quick to reply, but wasn’t much help. Their first suggestion was to upgrade the plugin, which didn’t change anything, and the second was to disable all other plugins, which didn’t help either.

So I downloaded the site to my Mac, ran it using MAMP and used the excellent HTTP Scoop to check whether it was really connecting to PayPal. The answer was no, so I delved into the code and started to look at what it was doing.

The answer was that it was using cURL to connect to PayPal. So I ran a quick test to explore why it wasn’t working and found that:

  1. It worked fine with an HTTP URL
  2. Although there were various suggestions around using directives, specifying alternate protocols etc, none of these seemed to work with the PayPal server

So I wondered whether it might work in curl at the command line (the -v is for verbose output).

curl -v https://api-3t.sandbox.paypal.com/nvp

That gave a message which suggested that there was a problem with the SSL handshake.Researching a little further, it seemed that there might be a problem with openssl or the version of curl itself.

At this point I didn’t want to start messing with the version of curl on my Mac, but went instead and tried on a development server that I had access to and upgraded the version of openssl to 1.0.1. That seemed to resolve the problem there, so I then checked on the client’s server and whilst they were running openssl 1.0.1, their version of curl was relatively old (7.19.0) so, after checking the backups I upgraded curl and it worked at command line. A quick run of my test script suggested that it was working, and when I went back to the site, the integration was working properly.  I should add that I didn’t have to upgrade PHP itself.

So there you go, if you can’t get cURL connecting via SSL, check your openssl and curl versions and check that both are up to date.