PHPCurl e curl falhando com o erro “SSL ler: erro: 00000000: lib (0): func (0): razão (0), errno 104”

2

Desde a atualização para o Ubuntu 12.04, comecei a receber erros nos pedidos de curl baseados em SSL para os servidores de verificação da Apple. Isso acontece em todos os meus servidores 12.04.

Usando este comando curl -Iv https://buy.itunes.apple.com/verifyReceipt ou biblioteca de curl do PHP Eu recebo este erro SSL read: error:00000000:lib(0):func(0):reason(0), errno 104

Aqui estão alguns detalhes sobre as caixas que agora falham

curl/7.22.0 libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3

O comando continua a funcionar em servidores com 10.04.4 LTS

curl/7.19.7 libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3 libidn/1.15

Qualquer ajuda seria apreciada.

EDIT: saída OPENSSL

CONNECTED(00000003)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
 0 s:/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=California/businessCategory=Private Organization/serialNumber=C0806592/C=US/postalCode=95014/ST=California/L=Cupertino/street=1 Infinite Loop/O=Apple Inc./OU=iTMS Engineering/CN=buy.itunes.apple.com
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA
 1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA
   i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
 2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
*snip
-----END CERTIFICATE-----
subject=/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=California/businessCategory=Private Organization/serialNumber=C0806592/C=US/postalCode=95014/ST=California/L=Cupertino/street=1 Infinite Loop/O=Apple Inc./OU=iTMS Engineering/CN=buy.itunes.apple.com
issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA
---
No client certificate CA names sent
---
SSL handshake has read 6686 bytes and written 536 bytes
---
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : RC4-MD5
    Session-ID: 2B2D7AA20CA51CD6A0F962E7AC3F96C8B17C4CE9CEA2C386916772949693A93A
    Session-ID-ctx:
    Master-Key: A854A46411B4C710FCD822143E5EE305F2D6C4896BD4E008AD01DC31DCCAE76D9C1679184F11905C68F792A40CB56801
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1345955495
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
    
por AWinter 24.08.2012 / 13:57

1 resposta

2

O problema foi resolvido nas últimas atualizações do Ubuntu 12.04.

    
por 14.09.2012 / 12:08

Tags