I have built a website in PHP using the YII2 framework. When I use file_get_contents($requestUrl, false, stream_context_create($arrContextOptions)) then i am getting error saying error:0A000126:SSL routines::unexpected eof while reading I have also tried to enable the legacy provider by editing the openssl.cnf file, but got no success. Reference:
Any help would be appriciated.
Server: Nginx (nginx/1.18.0) OS: Ubuntu 22.04 LTS PHP: 7.4.29 Openssl: 1.1.1d
35 Answers
This error manifests not only with PHP but in a broad variety of contexts, so I write a generic answer here. The other answers address the issue by upgrading software that have implemented the solution already upstream. The reasons and background is explained here. Most software linking OpenSSL have tickets where they introduce support for the new openssl behaviour, e.g. 1, 2, 3. Currently, in Ubuntu 22.04 LTS curl is version 7.81.0, and fails in case of unexpected EOF with OpenSSL 3.0.x. The latest curl is 7.88.1, and apparently resolved the issue, though I could not find the exact commit or ticket. The solution in Ubuntu 22.04 and any system with old curl is to manually compile and install the latest one, as shown for example here.
Importantly, the issue can be addressed on client side, you don't have to do anything with the server (especially that, in most cases, it's a third party server and works correctly).
TLDR:
apt remove curl apt purge curl apt-get update apt-get install -y libssl-dev autoconf libtool make cd /usr/local/src wget unzip curl-7.88.1.zip cd curl-7.88.1 ./buildconf ./configure --with-ssl make sudo make install sudo cp /usr/local/bin/curl /usr/bin/curl sudo ldconfig curl -V I just had the same issue, it looks like its an issue with OpenSSL on Ubuntu 22.04.
I just updated all my packages on the server and now functionality is working as expected.
sudo apt update && sudo apt upgrade -y 4Upgrade your nginx 1.18.0 to the mainline version and the problem will be fixed. To do so:
- Execute as sudo:
curl | gpg --dearmor >/usr/share/keyrings/nginx-signing.gpg. - ADD THE LINES in /etc/apt/sources.list:
deb [signed-by=/usr/share/keyrings/nginx-signing.gpg] jammy nginx deb-src [signed-by=/usr/share/keyrings/nginx-signing.gpg] jammy nginx sudo apt updatesudo apt install nginx
Then restart the nginx server.
2Try to upgrade your Nginx to 1.22 may help.
On Cent OS 9 Stream, you can install it with the following commmands
dnf module list nginx dnf module reset nginx dnf module install nginx:1.22 Another possible reason you may be getting this error is if a firewall is blocking your traffic from the machine to the internet.
In my case, it was an Ubuntu 22.04 LTS machine, behind an Azure Firewall. The firewall was configured to only allow certain categories, and the sites I was trying to talk to were not in the allowed category.
In your case it may be a different kind of rule blocking it however. You may wish to review the logs from your firewall to know if it is blocking it and why.