Can't access dashboard: SSLRead() error

I'm trying to set up the Dashboard on a new site. I keep getting this error:

Your server had a problem connecting to WPMU DEV: "SSLRead() return error -9806". Please try again.

If this problem continues, please contact your host with this error message and ask:

"Is php on my server properly configured to be able to contact https://premium.wpmudev.org/api/dashboard/v1/ with a POST HTTP request via fsockopen or CURL?"

I have checked CURL. It seems fine, and says there is ssl installed. However, it's on a Mac server, so maybe it is different?

Here is the output of /usr/local/bin/curl -V:

administrator$ /usr/local/bin/curl -V
curl 7.47.0 (x86_64-apple-darwin15.2.0) libcurl/7.47.0 OpenSSL/1.0.2f zlib/1.2.5 nghttp2/1.7.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets

I have even installed a new version of CURL to make sure OpenSSL is there (though I do not know how to force apache/php to use the new version).

I restarted Apache after installing the new version and setting the path in the shell.

Here is the output of that version,

/usr/local/bin/curl -V
curl 7.47.0 (x86_64-apple-darwin15.2.0) libcurl/7.47.0 OpenSSL/1.0.2f zlib/1.2.5 nghttp2/1.7.0
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets

I am stuck...

Any other ideas?

  • Morgan

    Hello Predag,

    I've added this line. It does allow me to log in to my dashboard, but there are multiple problems after that.

    For example:
    * the "health status" field of the domain mapping plugin just spins forever, not returning status
    * when I click on the ">" to get more info about a plugin in the dashboard, it just shows a spinning cursor
    * when I attempt to install a plugin from the dashboard, it gives a red error bar at the top of the screen (but sometimes it does install)

    I've reproduced these problems on two independent servers.

    I'm using OS X El Cap server. I think that the reason the SSL won't work has something to do with how the built in CURL handles self-signed certificates. I may try an alternative curl, however, I'm hesitant about replacing system functions like this, as it can cause instability.

    I think that the problems that arise when I add the non-https URL you gave me have to do with certain of your plugins still expecting encrypted connections, despite the setting.

    I'd love to get this working. I rely on a number of the plugins, but am moving my sites to this new server, and it needs to work there. My old VPS wasn't enough.

    Thanks!

  • Morgan

    According to one (older) post, here are the differences with OS X server's curl as it relates to SSL from OpenSSL:

    * The -2/--sslv2 option no longer works because Apple discontinued support for SSLv2 back in Mountain Lion
    * the --cacert option no longer works. This is because the new engine reads its certificates from a security database (the Keychain) instead of from certificate files
    * The --crlfile option is ignored
    * The --ciphers option is also ignored.

    Perhaps one of these has to do with why I can't use the plugins in the default https mode? If you can point me to which one the plugins may be using, I can look for a solution.

    Thanks
    Morgan

  • Adam Czajczyk

    Hey Morgan,

    Thanks for your feedback!

    I think your diagnose about curl is most likely accurate. I personally experienced similar issue a few months ago with my test setup. Fortunately, my sites are hosted on Linux servers by commercial provider and they fixed that for me in a few minutes. They confirmed however that it was curl related and they had to change some SSL related settings (though they didn't go that far to tell me which settings) and update curl certificates. That would confirm your theory.

    That said, I'm not much experienced with the kind of server that you're using (I'm not using Mac) and I think we also rarely come across such setup. Let me then forward this to our 2nd-line support gurus and hopefully they'll be able to further investigate it and give us a helping hand here.

    Please keep an eye on this thread but please also note that their response time may be a little bit longer than ours here on support forum as they deal with a lot of complex issues on daily basis.

    We'll keep you informed here.

    Best regards,
    Adam

  • Morgan

    Hi Adam,

    Thanks for your response.

    One additional thing I noticed that may help: only WPMUDEV login is affected, but once logged in (via https), everything works fine.

    I transferred a site of mine that had a live WPMUDEV install, and it continued working on the new server without logging me out (Must be a stored certificate or something). Everything is just fine. However, if I were to log out (as I've tried with my other sites) that would get me into this problem of not being able to log back in without adjusting the URL to the unsecured http one.

    Note that this may be more of an issue than you think; I've searched your forums and seen quite a few threads where people have this problem with the SSL connection. The suggestion support always make is to use the unsecured http in the wp-config.php. However, that breaks a number of things. The dashboard doesn't work correctly, nor does the domain mapping plugin. Most of the glitches seem to be in the GUI, however, it makes me leery about what may be broken behind the scenes. So, this commonly provided solution that support gives to people isn't really a fully working solution.

    It may be for all sorts of reasons that people can't connect; In my caseI am pretty sure this is because your server is running V2 and os x requires V3 SSL.

    Nonetheless, I have now ported > 50 other plugins and themes and NONE has had any discernible issue, except WPMUDEV stuff (one required ionCube, but that ended up being easy). So I do hope you'd make this a higher priority, since my environment seems fully compatible with all other WP plugins and themes I've tried. (also: membership isn't cheap and I'm on my second year).

    While Mac's aren't nearly as common as linux in the hosting space, with the advent of Mac Mini Colocation farms which provide lots of compute power for cheap, they are on the rise...

    In any case, thank you for your prompt response on a weekend.

    Morgan

  • Morgan

    Awrighty then :wink:

    It looks like your engineers must have fixed the non-encrypted url access - everything magically started working this morning.

    Despite that, I ran into one other plugin today that had the same problem (Jetpack). Sigh.

    So, I followed the procedure here (http://www.farces.com/wikis/naked-server/php/php-openssl/) to install a new PHP and CURL on OS X El Cap. It worked!

    I am now communicating with WPMUDEV's servers via https. Yay!

    I hope this helps anyone else who's using OS X Server on El Capitan (or Yosemite) and who is having Curl/SSL/sslread issues with the dashboard.

    Thanks
    Morgan

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.