Stripe - PHP error - Stripe no longer supports API requests made with TLS 1.0

问题:

Is it possible to run stripe tests without an HTTPS page? I seem to be getting the following error on my localhost. Is there a way to correct it?

This happens after submitting the payment information.

Fatal error: Uncaught exception 'Stripe\Error\Authentication' with message 'Stripe no longer supports API requests made with TLS 1.0. Please initiate HTTPS connections with TLS 1.2 or later. You can learn more about this at https://stripe.com/blog/upgrading-tls.' in /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiRequestor.php:110 from API request 'req_9AwHIpLsRiWhRz' Stack trace: #0 /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiRequestor.php(227): Stripe\ApiRequestor->handleApiError('{\n "error": {\n...', 401, Array, Array) #1 /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiRequestor.php(65): Stripe\ApiRequestor->_interpretResponse('{\n "error": {\n...', 401, Array) #2 /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiResource.php(120): Stripe\ApiRequestor->request('post', '/v1/customers', Array, Array) #3 /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiResource.php(160): Stripe\ApiResource::_staticRequest('post', '/v1/custom in /Applications/MAMP/htdocs/composer/vendor/stripe/stripe-php/lib/ApiRequestor.php on line 110

回答1:

The issue here is not use of a HTTPS page. It's the TLS communication between your server (local machine in this case) and Stripe. A few months ago, Stripe published a blog post explaining that, for security reasons, they'd be deprecating some old protocols that are considered insecure. You can read more about this here:

https://stripe.com/blog/upgrading-tls

Right now, if you are hitting this issue your server or machine is defaulting to use TLS 1.0 instead of the required TLS 1.2.

Usually this is due to outdated software or a configuration issue on your machine. What I'd recommend is that you look into Stripe's support articles which detail how to test your code, as well as upgrade paths (including a bit of detail specific for Mac OS and MAMP --- essentially you will need to run your application with system php rather than the version bundled with MAMP):

https://support.stripe.com/questions/how-do-i-upgrade-my-stripe-integration-from-tls-1-0-to-tls-1-2#php

Moreover, if you find TLS 1.2 is not supported by your system, you should upgrade your server to properly support TLS 1.2. This may require upgrading the operating system, curl, openssl and/or language libraries.

https://support.stripe.com/questions/how-do-i-upgrade-my-openssl-to-support-tls-1-2

This test script can be helpful in identifying library versions used by your PHP install: https://gist.github.com/olivierbellone/9f93efe9bd68de33e9b3a3afbd3835cf

If you're using a 3.x version of the PHP library, you may consider upgrading to the 4.x branch. While updating your system libraries is the best solution here, the 4.x branch allows you to pass the CURLOPT_SSLVERSION flag, which may allow some versions of PHP/curl to successfully communicate over TLS 1.2.

https://github.com/stripe/stripe-php#ssl--tls-compatibility-issues

回答2:

If you are using Anaconda, the following workaround worked for me in my MAC machine. First, install openssl using conda

conda install openssl

Then create a new virtual environment using the python installation managed by Anaconda. Install your requirements in the new virtual environment and it should solve the TLS problem. Use the following code for testing - [source - https://support.stripe.com/questions/how-do-i-upgrade-my-stripe-integration-from-tls-1-0-to-tls-1-2#python]

import stripe stripe.api_key = "sk_test_BQokikJOvBiI2HlWgH4olfQ2" stripe.api_base = "https://api-tls12.stripe.com"  if stripe.VERSION in ("1.13.0", "1.14.0", "1.14.1", "1.15.1", "1.16.0", "1.17.0", "1.18.0", "1.19.0"):     print ("Bindings update required.")  try:     stripe.Charge.all()     print ("TLS 1.2 supported, no action required.") except stripe.error.APIConnectionError:     print ("TLS 1.2 is not supported. You will need to upgrade your integration.") 

回答3:

Use bellow script

require_once(APPPATH . 'libraries/vendor/autoload.php'); try {     $curl = new \Stripe\HttpClient\CurlClient(array(CURLOPT_SSLVERSION => CURL_SSLVERSION_TLSv1));     \Stripe\ApiRequestor::setHttpClient($curl);     \Stripe\Stripe::setApiKey($this->apiKey);      $token = \Stripe\Token::create(array(         "card" => array(             "number" => $creditCard,             "exp_month" => $expMonth,             "exp_year" => $expYear,             "cvc" => $cvc         )     ));      $result = $token->getLastResponse();     $json = json_decode($result->body);     $token = $json->id; } catch (Exception $e) {     echo $e->getMessage();     exit; } 

文章来源: Stripe - PHP error - Stripe no longer supports API requests made with TLS 1.0