【发布时间】:2019-09-03 05:42:02
【问题描述】:
我正在尝试向外部 API 发出 POST 请求(代码如下)。我设法让 curl 编码在我的本地主机上工作,但是当我转到我的登台服务器时,curl 返回错误Peer reports incompatible or unsupported protocol version(35)。从读到这里,我需要添加一个错误缓冲区以获取更多调试信息,但文档令人困惑。
然而,当我直接在服务器终端中发出 curl 请求时,我收到了成功的连接。这让我非常困惑,因为服务器显然能够发出 curl 请求。
PHP 卷曲代码
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode($body),
CURLOPT_HTTPHEADER => $header,
));
$response = curl_exec($curl);
$err = curl_error($curl);
echo "response: " . $response;
echo "<br><br>error: " . $err;
curl_close($curl);
服务器卷曲响应 卷曲https://support.zendesk.com/api/v2/users/create_or_update.json
* About to connect() to support.zendesk.com port 443 (#0)
* Trying 104.16.51.111...
* Connected to support.zendesk.com (104.16.51.111) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN= support.zendesk.com,O="CloudFlare, Inc.",L=San Francisco,ST=CA,C=US
* start date: Mar 08 00:00:00 2019 GMT
* expire date: Mar 08 12:00:00 2020 GMT
* common name: support.zendesk.com
* issuer: CN=CloudFlare Inc ECC CA-2,O="CloudFlare, Inc.",L=San Francisco,ST=CA,C=US
> GET /api/v2/users/create_or_update.json HTTP/1.1
> User-Agent: curl/7.29.0
> Host: support.zendesk.com
> Accept: */*
>
< HTTP/1.1 401 Unauthorized
< Date: Fri, 12 Apr 2019 12:52:28 GMT
< Content-Type: application/json; charset=UTF-8
< Content-Length: 37
< Connection: keep-alive
< Set-Cookie: __cfduid=da0ecd56691c96b9b3dac091df58383d51555073548; expires=Sat, 11-Apr-20 12:52:28 GMT; path=/; domain=.ralphandrussoclientcare.zendesk.com; HttpOnly
< WWW-Authenticate: Basic realm="Web Password"
< Strict-Transport-Security: max-age=31536000;
< Cache-Control: no-cache
< X-Zendesk-Origin-Server: app23.pod17.euw1.zdsys.com
< X-Request-Id: 4c65566eacc82981-DUB
< X-Runtime: 0.032000
< X-Zendesk-Request-Id: 3360f95a861586e6f414
< Set-Cookie: __cfruid=7af98f1cbac97922c1c15b82f7c133c3945a446e-1555073548; path=/; domain=.ralphandrussoclientcare.zendesk.com; HttpOnly
< Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
< Server: cloudflare
< CF-RAY: 4c65566eacc82981-DUB
<
* Connection #0 to host support.zendesk.com left intact
{"error":"Couldn't authenticate you"}
【问题讨论】:
-
什么是
-sslv4? cURL 只支持--sslv2和--sslv3,两者都被认为是不安全的。我不认为有人再使用它们了。另请参阅curl(1)man page。 -
@jww 我是 cURL 的新手,我只是跑了 sslv 数字,直到它连接起来,奇怪的是 4,你有什么建议?响应,使用 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 的 SSL 连接
-
从暂存服务器发布 CURLOPT_VERBOSE 日志不起作用的地方。如果你不知道如何在那里捕获它,因为它是在 stderr 上发送的,这会将它发布到 php 的标准输出中:
$stderrh=tmpfile();curl_setopt($ch,CURLOPT_STDERR,$stderrh);curl_exec($ch);rewind($stderrh);/*https://bugs.php.net/bug.php?id=76268*/ $stderr=stream_get_contents($stderrh);fclose($stderrh);var_dump($stderr); -
@hanshenrik 非常感谢您为我指明了正确的方向。按照这篇文章 (stackoverflow.com/questions/30145089/…) 中的答案,我使用了 SSLV 6,它允许我提出请求