PHP function, file_get_contents, fails with HTTPS URL

Posted in: Developer | May 01, 2011 0 Comments

I finally got my site up and running last week using a theme I had purchased. One of the features of the theme is that it displays my total number of RSS subscribers and Twitter followers. Unfortunately, the call to pull my RSS subscriber count was producing the following error:

[Sat Apr 30 20:21:46 2011] [error] [client XXX.XXX.XXX.XXX] PHP Warning:  file_get_contents() [<a href='function.file-get-contents'>function.file-get-contents</a>]: SSL: fatal protocol error in /PATH/TO/SCRIPT/PRODUCING/ERROR on line 3

So after taking a look at the code, I found that the problem was the URL being passed to the file_get_contents function. An HTTPS URL was being passed to the function. So the first thing I did was check the URL. Using Firefox I visited the URL using the HTTPS and the HTTP protocol, both of which worked. So I tried the function call again and the HTTPS URL would consistently fail, but the HTTP URL worked just fine.

After doing some research, I found that others were also having the same problem with the HTTPS protocol when used with the function. Some stated the issue is that OPENSSL is not configured on your hosting platform. So, I contacted my hosting provider to check if that was the case, which it was not, so scratch that off the list.

However, my hosting provider did share with me a very helpful link that I had also come across during my initial research that outlined a helpful script to get around the issue. The poster of that script was having the same issue as I was with an HTTPS call using file_get_contents. However, I didn’t want to implement the fix just yet because I was still unclear as to why the HTTPS call was failing and I wanted to get to the root of the issue first. So I visited the documentation page for the function and learned something interesting.

An important note on the documentation page for file_get_contents:

When using SSL, Microsoft IIS will violate the protocol by closing the connection without sending a close_notify indicator. PHP will report this as “SSL: Fatal Protocol Error” when you reach the end of the data. To work around this, the value of error_reporting should be lowered to a level that does not include warnings. PHP 4.3.7 and higher can detect buggy IIS server software when you open the stream using the https:// wrapper and will suppress the warning. When using fsockopen() to create an ssl:// socket, the developer is responsible for detecting and suppressing this warning.

Jackpot! So there are two things that could be happening:

  • It’s entirely possible that the URL I was using was being served by a Microsoft IIS Server. This was the only explanation I could derive from the issue I was experiencing since I had no information regarding the server itself. And from what I can tell, the reason others were claiming HTTPS calls with file_get_contents worked is that they may have been making calls to a non MS IIS Server, but without further information from those individuals it is hard to say.
  • There is also the chance that the server I visiting to pull the feed information could be handling requests differently based on the user agent information in the headers of the request.

In any case, using the script I eluded to earlier, I think I can fix the issue very easily. The script, written by Dharmavirsinh Jhala, uses a call using CURL to get the contents of the file. After reworking the RSS subscriber information on my site to make use of this script, I can confidently say that it gets around the issue while still being able to utilize an HTTPS call, and to be honest, is a good way to avoid having to deal with the issue in the first place.

Leave a Reply

You must be logged in to post a comment.

  • Oops Twitter isnt working at the moment

© 2004 - 2011 Anil Natha. All rights reserved.