Troubleshooting Unsupported Protocol Errors (TLS Support)
An cURL Error code 35 "Unknown SSL protocol" or "Unsupported SSL protocol" error may occur when WHMCS attempts to connect to a remote service such as a payment gateway or registrar via a secure connection.
You may also see a Secure TLS Support in cURL warning on the Help > System Health Status page:
Your server is attempting a secure connection to using the outdated SSL protocol. As this is no-longer secure, most providers now require connections be made using the newer TLS protocols instead:
The WHMCS code is cryptographic protocol agnostic. Ie. we do not specify a particular protocol version when establishing cURL connections to external services. cURL will auto-negotiate the best available cryptographic protocol based upon the server configuration and the service being connected to.
As a result, any restrictions to the cryptographic protocol WHMCS can use are as a result of the server configuration and not WHMCS itself.
To help resolve such errors it will be necessary to work with your server admin/hosting provider to ensure that remote cURL connections are made using the TLS 1.1 or 1.2 protocols by default, rather than the outdated SSL and TLS 1.0 protocols.
There are a few items which can be checked quickly to help identify the cause of this error:
- Check the version of cURL installed on your server is sufficient to support the cryptographic protocol accepted by the service being connected to: https://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html
- Check the SSL Library installed on your server supports the cryptographic protocol accepted by the service being connected to: https://curl.haxx.se/docs/ssl-compared.html
- Test your website using a service such as https://www.ssllabs.com/ssltest/ - make sure your required protocol is displayed at the top of the list: