字體:  

幫 Centos 6 更新 curl 版本來串接 paypal 金流

ilike86 發表於: 2016-2-25 14:58 來源: ADJ網路控股集團


最近公司要串 paypal 的程式.需要用到 curl 的指令連線使用 TLS1.2 的協定
但是 CentOS 6.x 預設的版本的是 curl 7.19.7 ,無法連到 paypal

正確方法如下:

QUOTE:

$ curl -v https://api.paypal.com
* Rebuilt URL to: https://api.paypal.com/
* Hostname was NOT found in DNS cache
*   Trying 173.0.84.98...
* Connected to api.paypal.com (173.0.84.98) port 443 (#0)
* TLS 1.2 connection using TLS_RSA_WITH_AES_256_CBC_SHA256
* Server certificate: api.paypal.com
* Server certificate: VeriSign Class 3 Secure Server CA - G3
* Server certificate: VeriSign Class 3 Public Primary Certification Authority - G5
> GET / HTTP/1.1
> User-Agent: curl/7.37.1
> Host: api.paypal.com
> Accept: */*
The important bit is: TLS 1.2 connection using TLS_RSA_WITH_AES_256_CBC_SHA256

不正確如下:

QUOTE:

# curl -v https://api.paypal.com
* About to connect() to api.paypal.com port 443 (#0)
*   Trying 173.0.92.23... connected
* Connected to api.paypal.com (173.0.92.23) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS: client certificate not found (nickname not specified)
* SSL connection using SSL_RSA_WITH_RC4_128_SHA
* Server certificate:
*       subject: CN=api.paypal.com,OU=PayPal Production,O="PayPal, Inc.",L=San Jose,ST=California,C=US
*       start date: Apr 15 00:00:00 2015 GMT
*       expire date: Apr 01 23:59:59 2016 GMT
*       common name: api.paypal.com
*       issuer: CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: api.paypal.com
> Accept: */*
所以這時後你只要更新 curl 版本到 curl 7.47.1 以上就好了

方法如下:
# rpm -Uvh http://nervion.us.es/city-fan/yum-repo/rhel6/x86_64/city-fan.org-release-1-13.rhel6.noarch.rpm
# yum install curl
# curl -V
如果看到 curl 7.47.1 就搞定啦...

接著你可以在系統上這樣驗證串paypal 正不正常:
#php -r '$ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "https://tlstest.paypal.com/"); var_dump(curl_exec($ch));'

On success, PayPal_Connection_OK is printed.
On failure, bool(false) will be printed.