This article is about an error that I experience on my WordPress site while setting up Easy Digital Download with software licensing.
I wrote additional code for my WP Plugin as recommended by Easy Digital Download regarding software licensing on how to add a licenses key to my plugin and how to activate the licenses key.
When I was doing testing to activate the plugin key, i got a curl error – curl: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
A bit of my development setup, I do all my development on a MacBook, I used MAMP for localhost server setup on a MacBook.
The issue I got when testing licenses activation, was a curl error – curl: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
The problem is related to and SSL Handshake error that occurs when the OpenSSL version on the server of the site requesting the update is outdated and does not support the SSL Protocols that the store delivering the update requires.
There are two ways to set this up to resolve this issue.
The ideal solution is to have the site requesting the update verify that their OpenSSL software us up to date for their platform. OpenSSL is a server software that facilitates the communication over the HTTPS protocol. If this is not a possible solution, you can work with your hosting provider or server administrator to configure your web-server to accept these outdated SSL versions, but this is not ideal as it allows less secure connections to your server.
There are a few other things that you should also check on – it may not be the SSL, it could be one or several of the above.
First check your curl version – curl -V – then check if you can curl your server that manage the licenses. You can also use the EDD Software Licensing API
Check if EDD is properly installed and configured
You can also check if your software licenses site is correctly configured –
Next check your SSL support – The server where I run the licensing software on, is setup with Ubuntu, I read that some sites disable support for SSL 3.0 (possible because of many exploits/vulnerabilities), so it’s possible to force specific SSL version by either -2/–sslv2 or -3/–sslv3. Also -L is worth a try if requested page has moved to a different location. The possible problem could be a curl bug (found in OpenSSL), so curl needed to be upgraded to the latest version (>7.40). In my case that was not the issue
- 3 Common Causes of Unknown SSL Protocol Errors with cURL
- [Bug 861137] Re: Openssl TLS errors while connecting to SSLv3 sites
If you running your localhost on a MacBook, check your version – starting with Mavericks, Apple switched the TLS/SSL engine from OpenSSL to their own Secure Transport engine in Apple distributed cURL binary which breaks client certificate usage. Use the cURL binary from homebrew:
- brew install curl
- brew link curl –force
SSL Connect Error with CloudFlare
SSL connect error when using CloudFlare – This specific error with Software Licensing delivering updates is usually seen when using Cloudflare’s Flexible SSL option. This option causes a chain issue with some cURL versions that exist on the client server requesting the update.
There are a couple ways to fix this from the server side (without having to request the client to update their cURL version). The first is to upgrade to a paid Cloudflare SSL.
The paid tier SSL Certificates from Cloudflare typically do not pose this problem. The other solution is to purchase an SSL Certificate from a 3rd party and install it directly on your server.
CloudFlare Integration – If you are using CloudFlare as a CDN, Caching Layer, or SSL provider, we recommend you configure CloudFlare to bypass cache for all URLs that contain the following string:
This is the API endpoint for checking the license status and delivering update packages. If these endpoint URLs are cached it can cause issues with properly delivering updates to your customers.
I used CloudFlare, so the solution for me was to go with buying a Cloudflare certificate, and I also added a page rule for not catching the edd software licensing page.
I hope this will help you, if you have similar problems. If you have questions or comments, you can add below.