Unknown cipher in list: TLSv1 SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure

Resolving "unknown cipher in list" and "SSLv3 alert handshake failure" errors

Overview: This article describes troubleshooting steps for resolving TLSv1 SSL handshake failures due to unknown cipher issues.

Upgrading to the latest version of Ezeelogin available in the customer portal is known to fix this issues. If you continue to have issues, do read ahead.

Upgrading CURL to the latest version 7.59.0 will fix the issue while accessing Cpanel/WHM. However, the curl upgradation has to be done manually as the official Centos repo does not ship the latest versions.

The issue has been reported in Centos 6 & Centos 7 running php7.0 & php7.1 installed using REMI repository. Going back to the PHP version available from the official Centos Repo resolves the issue.

In Centos 6 running php 5.3.3. & Centos 7 running default php version 5.4.16, the following command should fix the issue, if not you would need to go for the manual upgrade.

yum upgrade

service httpd restart

To continue using PHP 7.0/7.1 in Centos 6/7, curl library linked in php web module has to be upgraded to the latest.

yum install libcurl-devel openssl-devel php-devel

wget https://curl.haxx.se/download/curl-7.59.0.tar.gz; tar -zxf curl-7.59.0.tar.gz; cd curl-7.59.0;./configure --with-ssl; make; make install

If php7.1 is running on the server, then download the corresponding php source code

tar -zxf php-7.1.16.tar.gz; cd php-7.1.16/ext/curl/; phpize; ./configure; make; make install; service httpd restart

If php7.0 is running on the server, then download the corresponding php source code

tar -zxf php-7.0.29.tar.gz; cd php-7.0.29/ext/curl/; phpize; ./configure; make; make install; service httpd restart

How to install and switch different versions of PHP in Ubuntu?

How to upgrade PHP to 7.4 on Centos 7

How to upgrade PHP to 8.1 in Debian?