这里详细描述问题
协程环境下使用httpclient组件请求https接口,会出现报错
NOTICE Socket::ssl_connect(fd=13) to server[xx.xx.xx.xx:443] failed. Error: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure[1|1040]
捕获抛出的异常:The connection to xx.com has been closed
服务器上用openssl 测试openssl s_client -connect xxx.com:443 -servername xxx.com -tls1_2 正常
请问是否需要通过指定ssl协议版本来解决?或者是哪儿的问题。。
这里粘代码
$parallelOptions = [
'max_conn_per_addr' => 100,// 每个域名最多维持多少并发连接
'keepalive_timeout' => 15,// 连接多长时间不通讯就关闭
'connect_timeout' => 30,// 连接超时时间
'timeout' => 30,// 请求发出后等待响应的超时时间
'context' => [
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true,
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT | STREAM_CRYPTO_METHOD_TLSv1_3_CLIENT,
],
],
];
$requestOption = [
"method" => "GET",
'version' => '1.1',
];
$url = "https://xx.com";
$coroutineHttp = new \Workerman\Http\Client($parallelOptions);
$requestRs = $coroutineHttp->request(trim($url),$requestOption);
这里写具体的系统环境相关信息
PHP版本
php -v
PHP 8.1.31 (cli) (built: Mar 14 2025 18:20:13) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.31, Copyright (c) Zend Technologies
openssl版本:
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 1.1.1o 3 May 2022
openssl version
OpenSSL 1.1.1k FIPS 25 Mar 2021 (Library: OpenSSL 1.1.1o 3 May 2022)
composesr版本:
"workerman/workerman": "~5.1",
"workerman/webman-framework": "~2.1",
"workerman/http-client": "~3.0",
"webman/database": "~2.1",
"webman/redis": "~2.1"
协程环境:
'eventLoop' => Workerman\Events\Swoole::class,
我也遇到过,原因是swoole没有开启openssl。
编译swoole命令:
我感觉确实是ssl有点问题,测试请求http的接口就没异常,但是我看phpinfo中swoole似乎已经支持openssl了
swoole
Swoole => enabled
Author => Swoole Team team@swoole.com
Version => 5.1.5
Built => Mar 15 2025 12:34:57
coroutine => enabled with boost asm context
epoll => enabled
eventfd => enabled
signalfd => enabled
cpu_affinity => enabled
spinlock => enabled
rwlock => enabled
sockets => enabled
openssl => OpenSSL 1.1.1k FIPS 25 Mar 2021
dtls => enabled
http2 => enabled
json => enabled
pcre => enabled
zlib => 1.2.7
brotli => E16777225/D16777225
mutex_timedlock => enabled
pthread_barrier => enabled
futex => enabled
async_redis => enabled
Directive => Local Value => Master Value
swoole.display_errors => On => On
swoole.enable_coroutine => On => On
swoole.enable_fiber_mock => Off => Off
swoole.enable_library => On => On
swoole.enable_preemptive_scheduler => Off => Off
swoole.unixsock_buffer_size => 8388608 => 8388608
swoole.use_shortname => On => On
可以尝试编译swoole的时候,选择更加新的openssl版本,如1.1.1或者直接使用3.x
好的,试过用1.1.1了还是不行,今天再编译3.x的测试下看看
1.1.1的最后一个版本是1.1.1w,你现在的是k差了12个小版本呢
1.1.1w也实测过不行。。o(╥﹏╥)o
早上测试手动编译了openssl3.x也还是一样的问题,ssl的请求都会异常(要么提示timeout,要么提示handshake failure),目前排查发现的是TcpConnection中这处代码的异常
设置'eventLoop' => Workerman\Events\Fiber::class,则请求正常,设置为Workerman\Events\Swoole::class则异常,不知道是不是跟swoole的阻塞自动协程有关系?
我去swoole的github上看了一下,5.1.6版本修复了一个tcp不支持ssl的bug这个问题可能和你的问题有关,如果你使用的是5.1.5的话可以尝试更新一下版本,现在最新的是5.1.7 https://github.com/swoole/swoole-src/releases
这个是swoole5.1.6修复的不支持tcp动态启用ssl的问题记录
好,昨天有用swoole5.1.7测试过不行,后面也捣鼓了swoole4和swoole6;下午我再用5.1.7+openssl3重新编译来测试下
试下来还是不行...
试试我使用docker编译的php+swoole,luoyueapi/webman-mvc,将代码挂载到/opt目录即可
试了不行,只能先用fiber来搞了☺