I use this code to process Paypal payment data transfer (PDT):
$url = 'https://www.sandbox.paypal.com/cgi-bin/webscr';
$tx_token = $_GET['tx'];
$auth_token = "my_token";
$fields = array(
'cmd' => '_notify-synch',
'tx' => $tx_token,
'at' => $auth_token,
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, count($fields));
curl_setopt($ch,CURLOPT_POSTFIELDS, http_build_query($fields));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
$res = curl_exec($ch);
$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
echo 'Curl error: ' . curl_error($ch);
echo "status: " . $status;
curl_close($ch);
And I'm getting:
Curl error: SSL connect error
status: 0
I tried to make the API in Postman with the same URL: www.sandbox.paypal.com with the same parameters (cmd, at, tx) and I got success response. What I did wrong?
PayPal has upgraded to TLS 1.2 for its sandbox API endpoints. You can find out more about the upgrade and when it will affect production at the TLS 1.2 and HTTP/1.1 Upgrade Microsite.
You will need OpenSSL to be 1.0.1c or higher and a recent version of libcurl. As far as your specific code, you probably want to do the following:
curl_setopt($ch, CURLOPT_SSLVERSION, 6); // CURL_SSLLVERSION_TLSv1_2 = 6
Also, you probably should leave the CURLOPT_SSL_VERIFYHOST to be 2 to verify the SSL certificate for the endpoint.
You can find out more at the PayPal TLS update repository for specific language environment requirements.