cURL error 35 when trying to connect


#1

Hello,

After configuring correctly the plugin to connect to my discourse installation, I get the dreaded “You are not connected to a Discourse forum. Please check your settings for ‘Discourse URL’, ‘API Key’, and ‘Publishing username’ Also, make sure that your Discourse forum is online.” error.

Using the Query monitor plugin, I get an insight of what’s not working (API key cleared myself when pasted here);

GET
https://foro.denki.es/users/system.json
?api_key=XXXXXXXXXXXXXXXX&api_username=system

Response -> cURL error 35: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

Investigating around it seems this might be a non updated curl issue, but it’s quite strange because I’ve got the latest version installed. What else could I do to solve this?


(Blake Erickson) #2

I’m not sure what your complete curl command looks like, but try this:

curl -i -H "Accept: application/json" -H "Content-Type: application/json" -X GET https://foro.denki.es/users/system.json

Since this isn’t a protected endpoint you don’t need the api_key and api_username, but they should still work.


#3

Hi Blake, thanks for your answer.

I’d love to try that, but unfortunately I don’t have ssh access to the host of the wordpress installation (in https://denki.es - trying to connect to a working discourse DO installation in https://foro.denki.es). Any other idea… ?


#4

BTW, my cURL version is 7.21.0 (using PHP version php to find out that).


#5

I see latest version of cURL is 7.53, maybe this could be the issue… ?


(Blake Erickson) #6

Just running that command from your local computer will work. If you are on windows you can install https://git-for-windows.github.io/ I think it has curl.

I don’t know if the version of curl matters or not.


#7

Ok, this is the result:

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Feb 2017 18:34:49 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Discourse-Route: users/show
Cache-Control: no-store, must-revalidate, no-cache, private
Set-Cookie: _forum_session=WFFyWDBnRCtUaDR1SS9lRDkvUE1OSUp2Y0h1R2U4aE5LbXltc0ttVVJXVDVyNStrQlprRGlYcjBsY0hYZFdPUmF5Ym13K0ROVzdTK1VJbEIraURDc2c9PS0tSEVJanNic1lCV2lWaTRBbHpRVnREdz09--e9c68b658e3172ae0ec0044866d16bdc36d466fa; path=/; HttpOnly
X-Request-Id: cebb6bac-8057-49a9-b37b-208b6d50ae04
X-Runtime: 0.289703
Strict-Transport-Security: max-age=63072000
X-UA-Compatible: IE=edge

{"user_badges":[{"id":1,"granted_at":"2017-02-20T21:43:38.488Z","count":1,"post_id":11,"post_number":1,"badge_id":41,"user_id":-1,"granted_by_id":-1,"topic_id":8}],"badges":[{"id":41,"name":"Primer emoji","description":"Utilizó un emoji en un post","grant_count":1,"allow_title":false,"multiple_grant":false,"icon":"fa-certificate","image":null,"listable":true,"enabled":true,"badge_grouping_id":1,"system":true,"slug":"primer-emoji","badge_type_id":3}],"badge_types":[{"id":3,"name":"Bronze","sort_order":7}],"users":[{"id":-1,"username":"system","avatar_template":"/user_avatar/foro.denki.es/system/{size}/1_1.png","name":"system","moderator":true,"admin":true}],"topics":[{"id":8,"title":"Welcome to Discourse","fancy_title":"Welcome to Discourse","slug":"welcome-to-discourse","posts_count":1}],"user":{"id":-1,"username":"system","avatar_template":"/user_avatar/foro.denki.es/system/{size}/1_1.png","name":"system","last_posted_at":"2017-02-21T03:35:49.783Z","last_seen_at":null,"created_at":"2017-02-20T21:36:37.392Z","website_name":null,"can_edit":false,"can_edit_username":false,"can_edit_email":false,"can_edit_name":false,"can_send_private_messages":false,"can_send_private_message_to_user":false,"trust_level":4,"moderator":true,"admin":true,"title":null,"uploaded_avatar_id":1,"badge_count":1,"custom_fields":{},"pending_count":0,"profile_view_count":4,"primary_group_name":null,"primary_group_flair_url":null,"primary_group_flair_bg_color":null,"primary_group_flair_color":null,"invited_by":null,"groups":[{"id":1,"automatic":true,"name":"administradores","user_count":2,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"primary_group":false,"title":null,"grant_trust_level":null,"has_messages":false,"flair_url":null,"flair_bg_color":null,"flair_color":null,"bio_raw":null,"bio_cooked":null,"public":false,"allow_membership_requests":false,"full_name":null},{"id":2,"automatic":true,"name":"moderadores","user_count":2,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"primary_group":false,"title":null,"grant_trust_level":null,"has_messages":false,"flair_url":null,"flair_bg_color":null,"flair_color":null,"bio_raw":null,"bio_cooked":null,"public":false,"allow_membership_requests":false,"full_name":null},{"id":3,"automatic":true,"name":"staff","user_count":3,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"primary_group":false,"title":null,"grant_trust_level":null,"has_messages":false,"flair_url":null,"flair_bg_color":null,"flair_color":null,"bio_raw":null,"bio_cooked":null,"public":false,"allow_membership_requests":false,"full_name":null},{"id":10,"automatic":true,"name":"nivel_de_confianza_0","user_count":3,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"primary_group":false,"title":null,"grant_trust_level":null,"has_messages":false,"flair_url":null,"flair_bg_color":null,"flair_color":null,"bio_raw":null,"bio_cooked":null,"public":false,"allow_membership_requests":false,"full_name":null},{"id":11,"automatic":true,"name":"nivel_de_confianza_1","user_count":2,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"primary_group":false,"title":null,"grant_trust_level":null,"has_messages":false,"flair_url":null,"flair_bg_color":null,"flair_color":null,"bio_raw":null,"bio_cooked":null,"public":false,"allow_membership_requests":false,"full_name":null},{"id":12,"automatic":true,"name":"nivel_de_confianza_2","user_count":1,"alias_level":0,"visible":true,"automatic_membership_email_domains":null,"automatic_membership_retroactive":false,"priiMac-Quad-Core-i7:~ Jose$ iMac-Quad-Core-i7:~ Jose$

(Simon Cossar) #8

Is the php-curl extension installed and enabled on the server for your WordPress site?


#9

Yes. This is the list of all the extensions installed…

Array ( [0] => Core [1] => date [2] => ereg [3] => libxml [4] => openssl [5] => pcre [6] => sqlite3 [7] => zlib [8] => bcmath [9] => bz2 [10] => calendar [11] => ctype [12] => curl [13] => dba [14] => dom [15] => hash [16] => fileinfo [17] => filter [18] => ftp [19] => gd [20] => gettext [21] => gmp [22] => SPL [23] => iconv [24] => session [25] => intl [26] => json [27] => mbstring [28] => mcrypt [29] => mysql [30] => mysqli [31] => PDO [32] => pdo_mysql [33] => pdo_pgsql [34] => pdo_sqlite [35] => pgsql [36] => standard [37] => posix [38] => pspell [39] => Reflection [40] => imap [41] => SimpleXML [42] => soap [43] => sockets [44] => Phar [45] => exif [46] => sysvmsg [47] => sysvsem [48] => sysvshm [49] => tokenizer [50] => wddx [51] => xml [52] => xmlreader [53] => xmlrpc [54] => xmlwriter [55] => xsl [56] => zip [57] => memcache [58] => cgi-fcgi [59] => mhash [60] => ionCube Loader [61] => Zend OPcache )


(Blake Erickson) #10

Sorry I didn’t catch on that the error came from the wp-discourse plugin I just saw the curl error and thought you were running curl directly from the command line.


#11

No problem, should have explained myself better.

Not having ssh access to my wordpress host makes everything more complicated. The only thing I could come up with for this issue is this thread at stackexchange; command line - How to fix curl sslv3 alert handshake failure? - Unix & Linux Stack Exchange

It might not be related, but people here could solve the problem updating cURL, in my case I thought I had the last version but I was wrong. Besides this, I don’t have idea on what could be failing.


(Simon Cossar) #12

You could try installing this plugin: TLS 1.2 Compatibility Test — WordPress Plugins
It adds an item to the WordPress tools menu that tests you webserver for TLS 1.2 compatibility against a PayPal endpoint. If it works with PayPal it should work with other endpoints as well.


#13

Hi Simon.

Installed it, and the test failed. The reason:

Current cURL Version 7.21.0 Upgrade to cURL version 7.34.0 or higher.

So as expected, that’s the issue. Since I can’t update cURL in this host, I guess I’m out of luck using this plugin… nothing you guys can do to make it work with cURL below version 7.34, I guess.


(Simon Cossar) #14

No, I don’t think so. You could probably get it working if you didn’t use https on your forum, but that’s not a great solution.

Unless your hosting provider can sort out the problem, the easiest solution would probably be to move your WordPress site to another server. It works with the DigitalOcean one-click WordPress install and Let’s Encrypt, if you install the php-curl extension.


#15

Ok, understood - I’ll think about all the possibilities. Thanks a lot for your help clarifying this!