MAMP SSL error: "error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure"

mamp pro
mamp secure
ampps ssl
localhost 8887 mamp
how to use mamp
mamp chrome
localhost ssl certificate mac
self-signed ssl certificate not working

I am using MAMP on OS X Yosemite to develop a website on my local machine. The website is a client application for an API that runs on HTTPS. I keep getting this error when I try to call the API from PHP:

error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

The same code works on the server, but the site is already in production so I need to be able to create a separate development environment. I get exactly the same error whether I call the API with cURL or file_get_contents. I can use cURL on the command line or load the URL in my browser and it works fine. I've spent hours reading through and trying all the other solutions I could find on this site and elsewhere, and none of them have worked. Has anyone else seen this problem?

Update: I finally found a solution in my last ditch effort just before posting this question, but it was such a painful process that I'm posting it anyway in hopes it can help someone else avoid this hair-tearing catastrophe. My solution is below.


The solution:

  1. brew install openssl
  2. Download and unpack the latest cURL
  3. In the cURL source directory:

    LDFLAGS="-L/usr/local/opt/openssl/lib" CPPFLAGS="-I/usr/local/opt/openssl/include" ./configure --prefix=/Applications/MAMP/Library/
    
  4. make
  5. make install
  6. Restart MAMP
  7. In PHP, between curl_init and curl_exec:

    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
    

The explanation:

The path to finding the solution started with this site, which describes a different SSL error on MAMP, and suggests recompiling a fresh version of cURL with --prefix=/Applications/MAMP/Library/ to overwrite the one MAMP uses. I tried this but it didn't work. Later, something possessed me to study the cURL compile options, and I noticed instructions for specifying a different version of OpenSSL when compiling it. I decided to give it a try (promising myself that this was the last attempt and then I would give up). I installed an up to date OpenSSL package with Homebrew, and its helpful post-install info said:

If you build your own software and it requires this formula, you'll need to add to your 
build variables:

LDFLAGS:  -L/usr/local/opt/openssl/lib
CPPFLAGS: -I/usr/local/opt/openssl/include

That looked similar to something I saw in the cURL compile options, which specified the correct syntax for the above:

LDFLAGS="-L/usr/local/opt/openssl/lib" CPPFLAGS="-I/usr/local/opt/openssl/include" ./configure

I added back in the --prefix=/Applications/MAMP/Library/, followed by the usual make and make install, restarted MAMP, and sighed with relief.

I later discovered that one of the cURL options I had thrown in from another website was also necessary to avoid a different SSL error ("SSL certificate problem: unable to get local issuer certificate"). Setting CURLOPT_SSL_VERIFYPEER to false solved that one for me.

How to Enable SSL for Localhost using MAMP, But hold on, instead, you see an error (like below) as the SSL certificate is not recognized by the browsers in this case, Chrome. Note that if you  Stack Overflow for Teams is a private, secure spot for you and your coworkers to find and share information. Learn more MAMP SSL error: “error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure”


Here is a solution that works for me on MAMP Pro 3.5 running on OSX 10.11.1

In your PHP you may need to set the SSL version and the matching Cipher for curl_init():

curl_setopt($ch, CURLOPT_SSLVERSION, 1);
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'TLSv1');

For the exact parameters you can pass to CURLOPT_SSLVERSION see: http://php.net/manual/en/function.curl-setopt.php

Also the following can display errors related to SSL versions being used to help find exact version conflict you have:

$error = curl_error($ch);
echo $error;

More on this command: http://php.net/manual/en/ref.curl.php

How to get MAMP to work with SSL Yes really. · GitHub, In /Applications/MAMP/conf/apache/extra/httpd-ssl.conf , find the following block I am getting the cloudflare 522 error (timed out) when I access it through my  I don’t have MAMP Pro, which as far as I know has the ability to disable ssl. From what I’ve found for MAMP enabling ssl would require a lot of configuration, which I’d rather not do just for one site.


Ive had the same problem. I solved it by instead using Apples preferred SecureTransport SSL program. The following worked for me:

  1. Download the latest curl (zip) version from here
  2. Go to your downloads folder and extract the zip file by double clicking on it. There will now be a folder with in your downloads folders with the extracted files.
  3. Open terminal and navigate to the folder `cd ~/Downloads/curl-folder-name'
  4. Then in terminal type ./configure --prefix=/Applications/MAMP/Library/ --with-darwinssl
  5. make && make install

Restart MAMP and see if the changes worked. One way to check is to call the following on your MAMP php program in terminal:

/Applications/MAMP/bin/php/php5.5.14/bin/php -r 'echo json_encode(curl_version(), JSON_PRETTY_PRINT);'

You should see "ssl_version": "SecureTransport"

MAMP PRO (macOS) Documentation > Settings > Hosts > SSL, To encrypt traffic from Apache to a web browser you can use SSL. If you would like to secure a productive server you should get the Certificate file and the  MAMP is installed on my Mac (Catalina 10.14.6) When I need to use something like Composer I open the terminal to do so. Though MAMP may be running, the Mac Terminal still accesses the “Mac installed” version of Apache/MySQL/PHP (AMP). The only way to get my system to use the MAMP running version of PHP is to place the following into my .bash_profil


I solved this by updating the curl. (place check the curl version and openssl version, they may not match)

curl 7.12.1 need OpenSSL/0.9.7a but my OpenSSL is 1.0.2m.

details: ~ $ curl -V curl 7.12.1 (x86_64-redhat-linux-gnu) libcurl/7.12.1 OpenSSL/0.9.7a zlib/1.2.1.2 libidn/0.5.6 Protocols: ftp gopher telnet dict ldap http file https ftps Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz ~ $ openssl version OpenSSL 1.0.2m 2 Nov 2017

Self-signed SSL certificates not working with MAMP and Chrome , **NOTE: Since I posted this, Google have acquired the .dev top level domain, so it's not advised to use .dev hostnames for your local  If you only setup the one virtual host with SSL the non-secure version (http) will not be accessible for MAMP. In order to have both http and https, just repeat the process with the same server name, but without the SSL setup.


How to install an SSL certificate on localhost / MAMP, Note: From MAMP 4.4.1 onwards, adding this might not be necessary. If Apache fails to start with the 'could not bind to address [::]:443′ error,  This error was happening because the DocumentRoot was defined twice, in both httpd.conf and httpd-ssl.conf. Removing the DocumentRoot from the httpd-ssl.conf resolved this issue. Now MAMP is back up and running. We also experienced that Apache doesn’t write all errors to the apache_error.log file in the /logs/ directory.


Free HTTPS / SSL Support for MAMP over localhost, Want to run websites over https:// while using localhost? Using MAMP as your webserver but Duration: 20:03 Posted: Oct 28, 2017 If you previously created SSL certificates in MAMP, then I've found that deleting them and starting again using this method works. Create your hostname, eg. test.dev and select your document root. Click the SSL tab, and check the "SSL" box. Make sure you leave the other checkbox "Only allow connections using TLS protocols" unchecked. Screenshot showing SSL panel in MAMP Pro


Trusting SSL Locally on a Mac, 1) Locally Signed SSL Certificate through MAMP. I get frustrated with a self-​signed certificate: I don't know why the entries are in “error red”. This video gives step by step instructions on how to add SSL/HTTPS support to your free MAMP webserver on localhost. NOTE: This uses a self-signed SSL certificate that will give warnings the first