{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 贼婆χ 的问题《Braintree PHP SDK cURL exception》','https://www.manongdao.com/q-1252649.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I keep getting back a Braintree_Exception_SSLCertificate exception when I try to generate a client token using Braintree_ClientToken::generate(). I've got the SDK loaded and my PHP setup seems to meet the minimum requirements for the SDK.
The versions of PHP and cURL I'm running are:
PHP 5.5.3
cURL 7.32.0 with OpenSSL/1.0.1e. SSL is enabled in my cURL module.
I noticed Braintree is enforcing TLS 1.2 so I thought that might be the issue but I tried adding the following line to Http.php in the Braintree SDK:
curl_setopt($curl, CURLOPT_SSLVERSION, 6);
This should set cURL to use TLS 1.2 but it didn't seem to help and I'm not sure how to verify that the setting even took effect.
I haven't managed to successfully place a request to Braintree's API yet so I'm worried this is something I'm doing wrong or maybe the version of cURL I'm using is no good. Is there anything I need to enable SSL that I've missed?
Thanks, Brad.
Okay, I have just climbed Himalaya. The solution above is not a solution at all. Here's what I did to solve this problem. For Centos 7 machine, yum update is sometimes useless. The only solution is to update OpenSSL and Curl manually.
There are 15 steps:
Download latest OpenSSL package.
Unzip
Enter folder
Config
Install
That's not the end of the journey, you have to update curl too. Download the latest version of curl.
Unzip
Enter folder
Set lib path
Config
Install
Backup a bit
Link it
Finally, check your curl version by
If you did all these steps correctly, it shows
Full disclosure: I work at Braintree. If you have any further questions, feel free to contact support.
The cURL version that you are using may be your issue, because the libcurl version should be greater than 7.40. I would recommend updating to this version, since TLS 1.2 support is added at that version and beyond.
Also, this github link takes you through the process that Braintree requires for your PHP integration to be up to date with TLS 1.2. I'm mentioning this since you wanted a way to check if your cURL was being set to instantiate TLS 1.2.
The way to do this would be:
php -r 'echo json_encode(curl_version(), JSON_PRETTY_PRINT);'