Magento Connect returns Unknown SSL protocol error in connection to connect20.magentocommerce.com
Why do I see this error?
If you receive this error, you are using an older Magento version that is having a hard time connecting over
TLS to the Magento connect store.
Magento changed the SSL settings for their web servers that are serving Magento Connect.
As some older Magento versions use older hardcoded SSL protocols in the
downloader code, these installations are not able to connect using the old settings anymore.
Is Hypernode using an old OpenSSL version?
OpenSSL versions older than 1.0.1-stable do not support TLS1.1 en TLS1.2 connections, so if you are using an older version of OpenSSL, upgrading could help. As we are using version
OpenSSL 1.0.2 (you can verify this by running
openssl version on the Hypernode), in this situation this is not the cause of the issue.
We use the newest OpenSSL available for our operating system and build our PHP versions soon after the release upstream, but due to the changed settings on the Magento Connect store not being compatible with the hardcoded SSL versions in Magento, you are still experiencing this error.
How can I fix this error?
This error can be fixed by updating to the latest Magento of your version, but by trying you will likely run into this issue (again).
Instead, you can easily change the SSL behaviour of cURL in the
To do so, startup your editor and open
Now on line 383, change:
// Change Curl settings to TLS 1.2 due to deprecation of ssl protocols on magentocommerce.com // $this->curlOption(CURLOPT_SSLVERSION, 1); $this->curlOption(CURLOPT_SSLVERSION, 6);
This will change the SSL protocol cURL uses when downloading extensions to
TLS1.2 which should suffice.
More information about this error can be found here
Extra for non Hypernode users: Run the TLS test by PayPal
PayPal provides an easy test URL to check whether your PHP-cURL and OpenSSL version are modern enough to support TLS connections. It can be used to validate whether your local cURL and OpenSSL settings are new enough to support TLS versions 1.0, 1.1 and 2.
This can be done using the following snippet:
Save this as
ssltest.php and run it through a browser or by running
php -f ssltest.php
This should return
PayPal_Connection_OK 3 times when a valid encrypted connection using
TLS1.2 can be established to PayPal using