Php curl version update

cURL update

You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.

kwdamp

Well-Known Member

Is there an easy way to update cURL to the latest version if we’re using easyApache 4?

Problem I’m trying to solve: I’m running into an intermittent error trying to use cURL to connect to a website that uses cloudflare.
«SSL: no alternative certificate subject name matches target host name (redacted for privacy)»

Seems like the version of cURL on the server is 7.29 and the latest version is 7.77. Thought updating would be a logical first step to troubleshoot this as I know they have addressed a lot of SSL/TSL changes throughout version 7.

Other suggestions for solving the problem would also be appreciated. But I’ve played around a lot with the basic curl_setopt’s and things like not verifying the peer/host don’t fix the problem (one has no effect, the other results in a 404 file not found error). Restarting the server usually fixes the problem. So that makes me think it might be a caching / dns / cert.pem issue.

cPRex

Jurassic Moderator

Hey there! cPanel itself doesn’t handle curl, as the version number you reference, 7.29, is from CentOS 7 directly:

]# rpm -qa | grep curl curl-7.29.0-59.el7_9.1.x86_64

It’s not recommended to try and update curl outside of what the operating system supports as you can run into odd dependency problems and unsupported behavior from other applications.

There are newer versions of curl with each PHP version. For example, here is the list of PHP curl versions I have installed on my personal machine:

ea-php56-php-curl-5.6.40-18.20.1.cpanel.x86_64 ea-php70-php-curl-7.0.33-20.22.1.cpanel.x86_64 ea-php71-php-curl-7.1.33-11.13.1.cpanel.x86_64 ea-php72-php-curl-7.2.34-5.7.1.cpanel.x86_64 ea-php73-php-curl-7.3.28-1.6.1.cpanel.x86_64 ea-php74-php-curl-7.4.20-1.3.1.cpanel.x86_64 ea-php80-php-curl-8.0.7-1.1.2.cpanel.x86_64

so I’m wondering if trying a newer version of PHP on that particular domain would provide better results.

kwdamp

Well-Known Member

Hey there! cPanel itself doesn’t handle curl, as the version number you reference, 7.29, is from CentOS 7 directly:

]# rpm -qa | grep curl curl-7.29.0-59.el7_9.1.x86_64

It’s not recommended to try and update curl outside of what the operating system supports as you can run into odd dependency problems and unsupported behavior from other applications.

There are newer versions of curl with each PHP version. For example, here is the list of PHP curl versions I have installed on my personal machine:

ea-php56-php-curl-5.6.40-18.20.1.cpanel.x86_64 ea-php70-php-curl-7.0.33-20.22.1.cpanel.x86_64 ea-php71-php-curl-7.1.33-11.13.1.cpanel.x86_64 ea-php72-php-curl-7.2.34-5.7.1.cpanel.x86_64 ea-php73-php-curl-7.3.28-1.6.1.cpanel.x86_64 ea-php74-php-curl-7.4.20-1.3.1.cpanel.x86_64 ea-php80-php-curl-8.0.7-1.1.2.cpanel.x86_64

so I’m wondering if trying a newer version of PHP on that particular domain would provide better results.

Thanks for the response! I am running php 8.0 on that account. So I may need to attack this from a different direction.

Do you have any idea what would be «refreshing» with a server reboot that would be remedying the problem?

I’m wondering if there is a command I could use to refresh the dns / cache / or cert files.

cPRex

Jurassic Moderator

If it’s an intermittent issue, it could be that the reboot isn’t actually related to the problem at all — I wouldn’t expect a reboot to change how a curl connection is handled.

Do you have a way to contact the system you are connecting to so they could check for errors on their end?

kwdamp

Well-Known Member

If it’s an intermittent issue, it could be that the reboot isn’t actually related to the problem at all — I wouldn’t expect a reboot to change how a curl connection is handled.

Do you have a way to contact the system you are connecting to so they could check for errors on their end?

I do know they use cloudflare though. And my best guess is some responses are cached and some aren’t. The SSL cert also lists both the domain holder and cloudflare. So I don’t know if curl honors responses from both domains or just one of them.

It’s very strange and I’ve been trouble shooting it for dang near a month now.

cPRex

Jurassic Moderator

Here is perhaps a better test that would help isolate the issue. During the times when you get the SSL error, are you able to curl another https site? For example, just running this would let you connect to Google:

If that works at the same time the other site fails, you can be confident it’s an issue with the remote system and not a problem with your server.

rscalover

Well-Known Member

I had a similar issue in the past with cURL i fixed that by setting curl.cainfo in php.ini to= «/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem»

kwdamp

Well-Known Member

Here is perhaps a better test that would help isolate the issue. During the times when you get the SSL error, are you able to curl another https site? For example, just running this would let you connect to Google:

If that works at the same time the other site fails, you can be confident it’s an issue with the remote system and not a problem with your server.

This just keeps getting more strange. I was able to connect to another site via curl after it stopped working for the site in question. Yes.

Additionally, when I tried to access the site in question via the curl command line, it tried to connect to MY IP ADDRESS and use MY SERVER’S SSL certificate to authenticate.

What does that mean? Why would curl ever resolve another domain to my IP address?

And sorry for all the vague «my site» and «site in question» stuff. I’m just hesitant to post direct website IP’s and related domain names in a public forum. I really appreciate you taking the time to talk me through this as well. I know it’s well beyond basic cpanel help.

kwdamp

Well-Known Member

I had a similar issue in the past with cURL i fixed that by setting curl.cainfo in php.ini to= «/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem»

I think this may be my next step. So, is this pointing curl to an alternate list of SSL certificates and associated domains on the server?

What if my file isn’t located there?

Edit: I dumped the default cert information in php/curl and got this back. Can you make heads or tails of it? Anything look out of place?

array(8) <
[«default_cert_file»]=> string(45) «/opt/cpanel/ea-openssl11/etc/pki/tls/cert.pem»
[«default_cert_file_env»]=> string(13) «SSL_CERT_FILE»
[«default_cert_dir»]=> string(42) «/opt/cpanel/ea-openssl11/etc/pki/tls/certs»
[«default_cert_dir_env»]=> string(12) «SSL_CERT_DIR»
[«default_private_dir»]=> string(44) «/opt/cpanel/ea-openssl11/etc/pki/tls/private»
[«default_default_cert_area»]=> string(36) «/opt/cpanel/ea-openssl11/etc/pki/tls»
[«ini_cafile»]=> string(0) «»
[«ini_capath»]=> string(0) «»
>

rscalover

Well-Known Member

I think this may be my next step. So, is this pointing curl to an alternate list of SSL certificates and associated domains on the server?

What if my file isn’t located there?

Edit: I dumped the default cert information in php/curl and got this back. Can you make heads or tails of it? Anything look out of place?

array(8) [«default_cert_file»]=> string(45) «/opt/cpanel/ea-openssl11/etc/pki/tls/cert.pem»
[«default_cert_file_env»]=> string(13) «SSL_CERT_FILE»
[«default_cert_dir»]=> string(42) «/opt/cpanel/ea-openssl11/etc/pki/tls/certs»
[«default_cert_dir_env»]=> string(12) «SSL_CERT_DIR»
[«default_private_dir»]=> string(44) «/opt/cpanel/ea-openssl11/etc/pki/tls/private»
[«default_default_cert_area»]=> string(36) «/opt/cpanel/ea-openssl11/etc/pki/tls»
[«ini_cafile»]=> string(0) «»
[«ini_capath»]=> string(0) «»
>

There should be a file your server operating system trusts the path i mentioned is for centos if that path is no good for you try to google your server os + curl configuration.Do note that server administrators can restrict cURL requests or that website you are trying to reach is using CORS (Cross Origin Resource Sharing) or CSP (Content Security Policy) you can check if this is the case in the http headers.

This is a personal opinion but unless you are trying to reach some remote api service using cURL is seen as «suspicious» by most server administrators and thus blocked.

Источник

BrainyCP

для PHP 7.4 модуль brotli доступен в панели из списка дополнительных расширений. Модуль curl устанавливается по умолчанию вместе с установкой самого пхп.
Проверить наличие этих модулей можно дав команды в консоли с правами рута

/usr/bin/php74/bin/php -ii | grep curl /usr/bin/php74/bin/php -ii | grep brotli

Re: Как обновить curl в связке с PHP

Сообщение Nnm41 » Чт мар 09, 2023 5:00 am

для PHP 7.4 модуль brotli доступен в панели из списка дополнительных расширений. Модуль curl устанавливается по умолчанию вместе с установкой самого пхп.
Проверить наличие этих модулей можно дав команды в консоли с правами рута

/usr/bin/php74/bin/php -ii | grep curl /usr/bin/php74/bin/php -ii | grep brotli

Centros 7, brolti есть как отдельно, он работает нормально, но есть еще параметр brolti в самом curl, нужно пересобрать файл curl.so с параметром —with-brotli под php 7.4.
Не могли бы вы собрать файл curl.so, с параметром —with-brotli?

Re: Как обновить curl в связке с PHP

Сообщение sbury » Чт мар 09, 2023 9:31 am

Re: Как обновить curl в связке с PHP

Сообщение Nnm41 » Чт мар 09, 2023 11:17 am

[root@server ~]# curl -V
curl 7.60.0 (x86_64-redhat-linux-gnu) libcurl/7.60.0 OpenSSL/1.0.2r zlib/1.2.11 libidn2/2.0.4 libpsl/0.19.1 (+l
ibidn2/2.0.4) libssh/0.7.4/openssl/zlib nghttp2/1.34.0
Release-Date: 2018-05-16
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp sm
tps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz HTTP2 UnixSockets HTTPS-pr
oxy PSL Metalink

Источник

Update PHP to use latest Curl Version

Edit: you can update libcurl by using the following commands:

sudo apt-get update sudo apt-get install php5-curl 

sudo service apache2 restart 

sudo service php5-fpm restart 

Related videos on Youtube

Mark

Updated on September 18, 2022

Comments

We have installed Curl 7.46.0 but PHP is still referencing 7.35.0 How do we get PHP to use the latest installed version curl—version shows correct version running but php working with previous version Thanks

Welcome to Ask Ubuntu! Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.

Источник

Update PHP to use latest Curl Version

Edit: you can update libcurl by using the following commands:

sudo apt-get update sudo apt-get install php5-curl 

sudo service apache2 restart 

sudo service php5-fpm restart 

Related videos on Youtube

Mark

Updated on September 18, 2022

Comments

We have installed Curl 7.46.0 but PHP is still referencing 7.35.0 How do we get PHP to use the latest installed version curl—version shows correct version running but php working with previous version Thanks

Welcome to Ask Ubuntu! Whilst this may theoretically answer the question, it would be preferable to include the essential parts of the answer here, and provide the link for reference.

Источник

Update cURL for EasyApache 4 to the latest version

EasyApache 4 from the cPanel environment is using a very old curl version. You may have issues with shop carts like WHMCS which gives you the following error message when going to Help->System Health Status.

You currently have version 7.29.0 of cURL installed. This version is known to have security issues. Please update to the latest cURL and ensure it is greater than 7.35.0.

First let’s check the present PHP 7 cURL version:

root@web [~]# php -r '$info = curl_version();echo $info["version"]."\n";' 7.29.0 root@web [~]#

Using the instructions from this cPanel Feature Request we will update curl to the latest version:

1. Make a backup copy of the file /etc/yum.repos.d/EA4.repo

cp /etc/yum.repos.d/EA4.repo /etc/yum.repos.d/EA4.repo.bak

2. Edit the file /etc/yum.repos.d/EA4.repo
Comment out the “mirrorlist” line and add one of the following lines according to your operating system.

CentOS 6 - 32bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/i686/ CentOS 6 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/6/EA4/x86_64/ CentOS 7 - 64bit: baseurl=http://ea4testing.cpanel.net/CentOS/7/EA4/x86_64/

3. Run the yum update command.
With this action, about 80 packages were updated on our test server. Let’s check again the PHP cURL version

root@web [~]# php -r '$info = curl_version();echo $info["version"]."\n";' 7.53.1 root@web [~]#

As you can it see we have now the latest version. It will be released to all EA4 systems during next week. Also, the WHMCS warning message is gone.

Update 21 March 2017: the new curl version is available to all EA4 systems.

Источник