Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED cURL Error(7)

Discussion in 'General Discussion' started by eVdaimon, Jan 14, 2019.

  1. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    Hi,

    When using cURL at a PHP script, it produces error (7) at times.

    I notice this on PayPal IPN script and Facebook login scripts which both use cURL.

    Here is a sample error message:
    PHP Fatal error: Uncaught exception 'Exception' with message 'cURL error: [7] Failed to connect to ipnpb.paypal.com port 443: Connection refused'

    When I try using fsockopen for PayPal IPN, the error goes away. So, I already have a workaround. I am interested though to solve the cURL problem.

    When the error hits, the only way I have to fix it, is to UPDATE WHM. When I update WHM, it is fixed. I suspect that during WHM update, something is restarted perhaps. What could this be?

    Is perhaps cURL failing at some way? Perhaps tailwatchd could be helpful at such?

    The frequency is random and I do not know what causes it. It can be once per day or once per week. There is no standard. I do update WHM daily anyway, to auto fix this, just in case.

    However, when I read the update log, I see no reported issues. Everything seem fine.

    This is not a firewall issue. I have already checked this. In general, I have checked a lot of things over... the years for this issue. I have found ways to work around it but it would be great if I could fix it at the first place.

    Thank you
     
  2. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    Thank you for your response.

    I have came across one of the links. Following the other one, I found different versions for openssl on the machine:

    Code:
    [root ~]# php --ri openssl
    
    openssl
    
    OpenSSL support => enabled
    OpenSSL Library Version => OpenSSL 1.0.2q  20 Nov 2018
    OpenSSL Header Version => OpenSSL 1.0.2q  20 Nov 2018
    Openssl default config => /opt/cpanel/ea-openssl/etc/pki/tls/openssl.cnf
    
    Code:
    [root ~]# openssl
    OpenSSL> version
    OpenSSL 1.0.1e-fips 11 Feb 2013
    
    Code:
     ~]# yum info openssl
    Installed Packages
    Name        : openssl
    Arch        : x86_64
    Version     : 1.0.1e
    Release     : 57.el6
    Size        : 4.1 M
    Repo        : installed
    From repo   : base
    Summary     : A general purpose cryptography library with TLS implementation
    URL         : http://www.openssl.org/
    License     : OpenSSL
    
    I also found this similar forums topic that has no final solution for the same issue: Issue with openssl version after update
     
  4. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @eVdaimon


    Can you run the following on your server and let me know the output?

    Code:
    rpm -qa |grep openssl
    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    Here it is:
    Code:
    [root]# rpm -qa |grep openssl
    ea-openssl-1.0.2q-1.1.1.cpanel.x86_64
    openssl-devel-1.0.1e-57.el6.x86_64
    openssl-1.0.1e-57.el6.x86_64
    [root]#
    
     
  6. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @eVdaimon

    If you run
    Code:
    yum check-update openssl
    is there an update available? If not do you have anything excluding OpenSSL updates in /etc/yum.conf?
    Code:
    grep "exclude" /etc/yum.conf
    Also if you go to WHM>>Service Configuration>>Apache Configuration -> Global Configuration ->SSL/TLS Protocols can you tell me what protocols are enabled?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    I do not see an update:
    Code:
    # yum check-update openssl
    Loaded plugins: fastestmirror, security, universal-hooks
    Loading mirror speeds from cached hostfile
     * EA4: 208.74.123.62
     * cpanel-addons-production-feed: 208.74.123.62
     * base: repos.dfw.quadranet.com
     * epel: d2lzkl7pfhq30w.cloudfront.net
     * extras: repos.dfw.quadranet.com
     * updates: repos.dfw.quadranet.com
    

    Here are the exclude options:
    Code:
    ]# grep "exclude" /etc/yum.conf
    exclude=bind-chroot courier* dovecot* exim* filesystem httpd* mod_ssl* mydns* nsd* p0f php* proftpd* pure-ftpd* spamassassin* squirrelmail*
    
    The Ssl/Tls protocols there are:
    All -SSLv2 -SSLv3

    The default option is TLSv1.2 though but is not checked.

    In a production site, I used this to check what is used:
    Code:
    echo CURL_SSLVERSION_TLSv1_2;
    echo '<br>';
    $curl_info = curl_version();
    echo $curl_info['ssl_version'];
    
    I get:
    6
    OpenSSL/1.0.2q


    Thank you
     
  8. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @eVdaimon


    Can you please open a ticket using the link in my signature? I believe we can help you resolve this if we're able to look into the issue more in-depth Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    Thank you. I have created a ticket.

    Your Support Request ID is: 11210247
     
  10. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Great, I'm watching that ticket and I'll add an update here with the analyst's findings as soon as available.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. cPanelLauren

    cPanelLauren Forums Analyst II Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    5,815
    Likes Received:
    444
    Trophy Points:
    233
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hello,


    Based on the ticket it looks like the analysts were no longer able to replicate a connection issue. Can you confirm you're now able to connect to paypal successfully?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    The analysts were not able to replicate it, indeed. It is because the server works fine most of the time and when it does, the issue does not happen. At some point it breaks and it is not only connection to PayPal that suffers but in general, any connection to a tls host.

    We will wait for a time when the problem appears again, so the analysts can check it that time.
     
    cPanelLauren likes this.
  13. eVdaimon

    eVdaimon Member

    Joined:
    Jun 1, 2011
    Messages:
    9
    Likes Received:
    2
    Trophy Points:
    53
    Hello,

    I posted to contribute the final verdict as found by cPanel support tickets.

    It seems that nscd was responsible for these errors. A possible corruption of the "hosts" cache files has been indicated as the possible source of the trouble.

    This was the commands chosen to fix it.

    21:44:32] [11210247] [~]$ nscd --invalidate=hosts

    [21:45:20] [11210247] [~]$ /scripts/restartsrv_nscd --status
    nscd (/usr/sbin/nscd) is running as nscd with PID 45264 (pidfile+/proc check method).

    There is no certainty that the problem will not re-appear but still the issue needs to be flagged as solved as the source was identified and the fix above worked.

    Thank you
     
    cPanelLauren likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice