Missing Lock File, cURL tls certificate error

  • Resolved wp_kc

    (@wp_kc)


    3 years, 6 months ago

    NinjaScanner fails to scan, giving an error message of “Missing Lock File”

    Log file contains only one error message…
    29-Apr-21 14:35:31 ERROR Fatal error: forking process failed (cURL error 56: OpenSSL SSL_read: error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required, errno 0: AJAX API). Aborting

    I’m guessing cURL is insisting on TLSv13 as a minimum encryption, but the server NinjaScanner is trying to connect to can’t handle that, or visa-versa.

    System:
    Debian 10 (4.19.181-1)
    Apache2.4.38-3+deb10u4
    PHP-FPM 7.4.16
    cURL 7.64.0-4+deb10u2
    WordPress 5.71
    NinjaFirewall WP+ 4.3.3
    NinjaScanner 3.0.7

Viewing 5 replies - 1 through 5 (of 5 total)
  • Thread Starter wp_kc

    (@wp_kc)

    P.S. If I switch to WP-CRON mode, the error message is pretty much the same…
    29-Apr-21 15:25:37 ERROR Fatal error: forking process failed (cURL error 56: OpenSSL SSL_read: error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required, errno 0: WP-CRON). Aborting

    Plugin Author nintechnet

    (@nintechnet)

    Can you try to edit this file: ninjascanner/lib/ajax_hooks.php

    Search for:
    'sslverify' => apply_filters( 'https_local_ssl_verify', false ),

    There are 2 occurrences: line 93 and line 128.
    Comment out or delete the two lines.

    If that works, then I’ll add an option in the next version to disable SSL/TLS verification.

    Thread Starter wp_kc

    (@wp_kc)

    I commented out both lines, but still got the same result.
    30-Apr-21 05:25:32 ERROR Fatal error: forking process failed (cURL error 56: OpenSSL SSL_read: error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required, errno 0: AJAX API). Aborting

    Plugin Author nintechnet

    (@nintechnet)

    I guess that WordPress enables the SSL/TLS verification by default (which is a good thing).
    Try to set it to false by replacing both lines with this one:
    'sslverify' => false,

    Thread Starter wp_kc

    (@wp_kc)

    I still got the same result with that…
    03-May-21 14:48:38 ERROR Fatal error: forking process failed (cURL error 56: OpenSSL SSL_read: error:1409445C:SSL routines:ssl3_read_bytes:tlsv13 alert certificate required, errno 0: AJAX API). Aborting

    But, I figured it out. I have CloudFlare on the site with the problem, and I have “Authenticated Origin Pulls” enabled. When I disabled Authenticated Origin Pulls in my server configuration and paused CloudFlare, it started working. Just pausing CloudFlare alone did not fix it.

    So I am assuming the problem is happening because the server can’t do a simple loopback when Authenticated Origin Pulls is on.

    I’m research if there is a fix for this. But at this point, it does not look like it is a NinjaScanner problem. So I’m marking this as resolved. Any more ideas would be appreciated though.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Missing Lock File, cURL tls certificate error’ is closed to new replies.