Curl OpenSSL error 141A318A tls_process_ske_dhe:dh key too small

https curl php openssl

The usual recommendation for this error is to set the "CipherString" parameter in /etc/ssl/openssl.cnf to "DEFAULT:@SECLEVEL=1".

  • https://askubuntu.com/a/1233456
  • https://imlc.me/dh-key-too-small

In PHP, you can achieve the same thing with curl_setopt():

curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'DEFAULT@SECLEVEL=1');

This is a better solution than editing openssl.cnf since it allows you to relax security for just one specific call, rather than system-wide.


If you are using the file_get_contents() function, this works nicely

$context=array(
    "ssl"=>array(
        'ciphers' => 'DEFAULT:!DH'
    ),
); 

$json = file_get_contents($url, false, stream_context_create($context));

Related

How to find a specific rows + n in SQL Server table
How to get the values of a ConfigurationSection of type NameValueSectionHandler
How to adjust functionality for input data in shiny code
The framework 'Microsoft.AspNetCore.App', version '3.1.3' was not found
Android Chromecast Seeking behavior - Restarts Video from begining
Unable to add Tester Email Address to Google Play Console
Parse String datetime with Zone with Java Date
How to upload image to database using php and mysql? [duplicate]
Android Jetpack Compose mutableStateListOf not doing Recomposition
BeanCreationException when creating Bean of type org.springframework.web.servlet.LocaleResolver
Why doesn't VS Code auto update on macOS?
How to determine if object is in array