Results 1 to 4 of 4
  1. #1
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    12,399
    Plugin Contributions
    87

    Default (51) SSL peer certificate or SSH remote key was not OK

    A site that I'm managing threw two of the following PayPal CURL errors on April 13th, within 2 minutes. Site details:
    - Recently upgraded to v1.5.4 (from 1.3.5)
    - PHP 5.3.29
    - MySQL 5.5.42-cli
    - Server OS: Linux 2.6.32-431.5.1.el6.x86_64
    - Site has a dedicated SSL certificate (COMODO)

    Code:
    2015-04-13 05:12:37
    -------------------
    (live transaction) --> https://api-3t.paypal.com/nvp
    Request Headers:
    Array
    (
    [0] => Content-Type: text/namevalue
    [1] => X-VPS-Timeout: 90
    [2] => X-VPS-VIT-Client-Type: PHP/cURL
    [3] => X-VPS-VIT-Integration-Product: PHP::Zen Cart(R) - PayPal/NVP
    [4] => X-VPS-VIT-Integration-Version: 1.5.4
    )
    
    
    Request Parameters: {GetTransactionDetails}
    Array
    (
    [TRANSACTIONID] => 18308746Y7415742E
    [METHOD] => GetTransactionDetails
    [USER] => shop_api1.xxxxx
    [PWD] => ****************
    [VERSION] => 61.0
    [SIGNATURE] => ****************************************************xYTo
    )
    
    
    Response:
    Array
    (
    [] =>
    [CURL_ERRORS] => (51) SSL peer certificate or SSH remote key was not OK
    )
    
    (51) SSL peer certificate or SSH remote key was not OK
    Array
    (
    [url] => https://api-3t.paypal.com/nvp
    [content_type] =>
    [http_code] => 0
    [header_size] => 0
    [request_size] => 0
    [filetime] => -1
    [ssl_verify_result] => 1
    [redirect_count] => 0
    [total_time] => 5.488148
    [namelookup_time] => 5.487966
    [connect_time] => 5.488167
    [pretransfer_time] => 0
    [size_upload] => 0
    [size_download] => 0
    [speed_download] => 0
    [speed_upload] => 0
    [download_content_length] => -1
    [upload_content_length] => -1
    [starttransfer_time] => 0
    [redirect_time] => 0
    [certinfo] => Array
    (
    )
    
    [redirect_url] =>
    )
    
    
    GetTransactionDetails, Elapsed: 5516ms -- Failed
    (51) SSL peer certificate or SSH remote key was not OK
    Array
    (
    [url] => https://api-3t.paypal.com/nvp
    [content_type] =>
    [http_code] => 0
    [header_size] => 0
    [request_size] => 0
    [filetime] => -1
    [ssl_verify_result] => 1
    [redirect_count] => 0
    [total_time] => 5.488148
    [namelookup_time] => 5.487966
    [connect_time] => 5.488167
    [pretransfer_time] => 0
    [size_upload] => 0
    [size_download] => 0
    [speed_download] => 0
    [speed_upload] => 0
    [download_content_length] => -1
    [upload_content_length] => -1
    [starttransfer_time] => 0
    [redirect_time] => 0
    [certinfo] => Array
    (
    )
    
    [redirect_url] =>
    CURL configuration:
    Code:
    cURL support 	enabled
    cURL Information 	7.38.0
    Age 	3
    Features
    AsynchDNS 	No
    Debug 	No
    GSS-Negotiate 	No
    IDN 	Yes
    IPv6 	Yes
    Largefile 	Yes
    NTLM 	Yes
    SPNEGO 	No
    SSL 	Yes
    SSPI 	No
    krb4 	No
    libz 	Yes
    CharConv 	No
    Protocols 	dict, file, ftp, ftps, gopher, http, https, imap, imaps, pop3, pop3s, rtsp, smtp, smtps, telnet, tftp
    Host 	x86_64-unknown-linux-gnu
    SSL Version 	OpenSSL/1.0.1e
    ZLib Version 	1.2.3
    Ideas welcomed.

  2. #2
    Join Date
    Feb 2012
    Location
    mostly harmless
    Posts
    1,809
    Plugin Contributions
    8

    Default Re: (51) SSL peer certificate or SSH remote key was not OK

    Is the SSL Certificate using SHA1?

  3. #3
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    12,399
    Plugin Contributions
    87

    Default Re: (51) SSL peer certificate or SSH remote key was not OK

    The connection uses TLS 1.2. The key-exchange mechanisms are AES_128_GCM and ECDHE_RSA.

  4. #4
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    12,399
    Plugin Contributions
    87

    Default Re: (51) SSL peer certificate or SSH remote key was not OK

    Update: If I view the FireFox/FireBug console when viewing the site, I do receive a message that the site's using a SHA-1 certificate.

 

 

Similar Threads

  1. v155 stream_socket_enable_crypto(): Peer certificate CN=`*.bluehost.com' did not match exp
    By Zean in forum Installing on a Linux/Unix Server
    Replies: 9
    Last Post: 6 Jul 2016, 02:25 PM
  2. Replies: 4
    Last Post: 19 Mar 2016, 04:54 AM
  3. ssl certificate issue?? www. vs not?
    By jrod31 in forum General Questions
    Replies: 3
    Last Post: 6 Nov 2009, 03:16 AM
  4. SSL Certificate not showing?
    By emilyjanes in forum General Questions
    Replies: 3
    Last Post: 9 Oct 2008, 10:26 PM
  5. peer-to-peer commerce
    By manojvp in forum General Questions
    Replies: 5
    Last Post: 7 Feb 2008, 12:06 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR