macos - PHP-CURL fails to resolve host only when mod_ssl enabled in Apache
Get the solution ↓↓↓I have a local development environment running on macOS Big Sur using PHP 7.4, mysql and apache all installed via homebrew.
Worked great until recently, where all of a sudden if I made a CURL request in PHP I get the errorCould not resolve host: example.com
. I don't recall any changes of configuration that would've made this happen, however I did go from connecting via WiFi to connecting via Ethernet for my network connection perhaps 3-4 days prior to this occurring. There may also have been software updates applied by macOS that happen overnight automatically - whenever I see the notification saying it's going to happen overnight I just click OK and carry on with my day. This started happening on 8th July 2021 for anyone who follows software updates more closely than I do.
Initially I removed all the contents of/usr/local/
folder and re-installed Homebrew, [email protected] and Apache, create the most basic of test curl request in PHP and have the same issue.
<?php
var_dump(curl_version());
$ch = curl_init("https://example.com/");
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_exec($ch);
if (curl_error($ch)) {
var_dump(curl_error($ch));
}
curl_close($ch);
Output:
/Users/jamesamner/Sites/home/test.php:2:
array (size=16)
'version_number' => int 478464
'age' => int 9
'features' => int 368035741
'ssl_version_number' => int 0
'version' => string '7.77.0' (length=6)
'host' => string 'x86_64-apple-darwin20.4.0' (length=25)
'ssl_version' => string '(SecureTransport) OpenSSL/1.1.1k' (length=32)
'libz_version' => string '1.2.11' (length=6)
'protocols' =>
array (size=25)
0 => string 'dict' (length=4)
1 => string 'file' (length=4)
2 => string 'ftp' (length=3)
3 => string 'ftps' (length=4)
4 => string 'gopher' (length=6)
5 => string 'gophers' (length=7)
6 => string 'http' (length=4)
7 => string 'https' (length=5)
8 => string 'imap' (length=4)
9 => string 'imaps' (length=5)
10 => string 'ldap' (length=4)
11 => string 'ldaps' (length=5)
12 => string 'mqtt' (length=4)
13 => string 'pop3' (length=4)
14 => string 'pop3s' (length=5)
15 => string 'rtmp' (length=4)
16 => string 'rtsp' (length=4)
17 => string 'scp' (length=3)
18 => string 'sftp' (length=4)
19 => string 'smb' (length=3)
20 => string 'smbs' (length=4)
21 => string 'smtp' (length=4)
22 => string 'smtps' (length=5)
23 => string 'telnet' (length=6)
24 => string 'tftp' (length=4)
'ares' => string '' (length=0)
'ares_num' => int 0
'libidn' => string '2.3.1' (length=5)
'iconv_ver_num' => int 0
'libssh_version' => string 'libssh2/1.9.0' (length=13)
'brotli_ver_num' => int 16777225
'brotli_version' => string '1.0.9' (length=5)
/Users/jamesamner/Sites/home/test.php:12:string 'Could not resolve host: example.com' (length=35)
If I run/usr/local/opt/curl/bin/curl -v https://example.com
in my terminal I get the expected result and no error, so I don't believe this to be an issue withcurl
, and usual browsing activities etc are unaffected - only curl requests within PHP.
In trying to debug this, I've found that restartinghttpd
sometimes fixes the issue for one lookup - any further CURL requests will subsequently fail. I read that uninstalling the OpenSSL version that Homebrew adds as a dependency for PHP can sometimes resolve issues too, then PHP falls-back to use the macOS supplied openssl. In my case, uninstalling did resolve the issue until the next time I restarted apache.
In trying to isolate the problem, I've found that disablingmod_ssl
from my apache config resolves the issue 100% of the time.
I've tried loading thephp7_module
before and after thessl_module
without any affect. The config files I have a pretty much the default that's supplied with Apache on a fresh-install.php.ini
is untouched, and inhttpd.conf
I've only added support for PHP by loading the php7_module and adding index.php to the directory index, and a x-httpd-php handler for php files.
The CURL request fails regardless of if I visit the local site with https or not. I use a wildcard certificate generated frommkcert
for local development, with sites all setup as vhosts under the subdomain of.test
. This error does occur however on 'localhost' too.
Example vhost file:
<IfModule ssl_module>
<VirtualHost *:443>
ServerName home.test
SSLEngine on
SSLCertificateFile "/usr/local/etc/httpd/ssl/test.cert"
SSLCertificateKeyFile "/usr/local/etc/httpd/ssl/test.key"
DocumentRoot /Users/jamesamner/Sites/home/
Options Indexes FollowSymLinks
LogFormat "%v %l %u %t \"%r\" %>s %b" commonvhost
ErrorLog "/usr/local/var/log/httpd/vhosts/home_error.log"
CustomLog "/usr/local/var/log/httpd/vhosts/home_access.log" commonvhost
</VirtualHost>
</IfModule>
<VirtualHost *:80>
ServerName home.test
DocumentRoot /Users/jamesamner/Sites/home/
Options Indexes FollowSymLinks
LogFormat "%v %l %u %t \"%r\" %>s %b" commonvhost
ErrorLog "/usr/local/var/log/httpd/vhosts/home_error.log"
CustomLog "/usr/local/var/log/httpd/vhosts/home_access.log" commonvhost
</VirtualHost>
Apache's error log (not the hosts error log) shows:
* Could not resolve host: example.com
* Closing connection 0
I can't work out why enabling mod_ssl affects DNS lookup in CURL, and I'm starting to think that the error message from CURL could be a red-herring and maybe there's another issue I can't think of?
Share solution ↓
Additional Information:
Link To Answer People are also looking for solutions of the problem: call to undefined function illuminate\encryption\openssl_cipher_iv_length()
Didn't find the answer?
Our community is visited by hundreds of web development professionals every day. Ask your question and get a quick answer for free.
Similar questions
Find the answer in similar questions on our website.
Write quick answer
Do you know the answer to this question? Write a quick response to it. With your help, we will make our community stronger.