OpenSSL Error messages: error:0A000126:SSL routines::unexpected eof while reading

Screenshot is here

I have built a website in PHP using the YII2 framework. When I use file_get_contents($requestUrl, false, stream_context_create($arrContextOptions)) then i am getting error saying error:0A000126:SSL routines::unexpected eof while reading I have also tried to enable the legacy provider by editing the openssl.cnf file, but got no success. Reference:

Any help would be appriciated.

Server: Nginx (nginx/1.18.0) OS: Ubuntu 22.04 LTS PHP: 7.4.29 Openssl: 1.1.1d

3

5 Answers

This error manifests not only with PHP but in a broad variety of contexts, so I write a generic answer here. The other answers address the issue by upgrading software that have implemented the solution already upstream. The reasons and background is explained here. Most software linking OpenSSL have tickets where they introduce support for the new openssl behaviour, e.g. 1, 2, 3. Currently, in Ubuntu 22.04 LTS curl is version 7.81.0, and fails in case of unexpected EOF with OpenSSL 3.0.x. The latest curl is 7.88.1, and apparently resolved the issue, though I could not find the exact commit or ticket. The solution in Ubuntu 22.04 and any system with old curl is to manually compile and install the latest one, as shown for example here.

Importantly, the issue can be addressed on client side, you don't have to do anything with the server (especially that, in most cases, it's a third party server and works correctly).

TLDR:

apt remove curl apt purge curl apt-get update apt-get install -y libssl-dev autoconf libtool make cd /usr/local/src wget unzip curl-7.88.1.zip cd curl-7.88.1 ./buildconf ./configure --with-ssl make sudo make install sudo cp /usr/local/bin/curl /usr/bin/curl sudo ldconfig curl -V 

I just had the same issue, it looks like its an issue with OpenSSL on Ubuntu 22.04.

I just updated all my packages on the server and now functionality is working as expected.

sudo apt update && sudo apt upgrade -y 
4

Upgrade your nginx 1.18.0 to the mainline version and the problem will be fixed. To do so:

  1. Execute as sudo: curl | gpg --dearmor >/usr/share/keyrings/nginx-signing.gpg.
  2. ADD THE LINES in /etc/apt/sources.list:
deb [signed-by=/usr/share/keyrings/nginx-signing.gpg] jammy nginx deb-src [signed-by=/usr/share/keyrings/nginx-signing.gpg] jammy nginx 
  1. sudo apt update
  2. sudo apt install nginx

Then restart the nginx server.

2

Try to upgrade your Nginx to 1.22 may help.

On Cent OS 9 Stream, you can install it with the following commmands

dnf module list nginx dnf module reset nginx dnf module install nginx:1.22 

Another possible reason you may be getting this error is if a firewall is blocking your traffic from the machine to the internet.

In my case, it was an Ubuntu 22.04 LTS machine, behind an Azure Firewall. The firewall was configured to only allow certain categories, and the sites I was trying to talk to were not in the allowed category.

In your case it may be a different kind of rule blocking it however. You may wish to review the logs from your firewall to know if it is blocking it and why.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge that you have read and understand our privacy policy and code of conduct.

You Might Also Like