Recently I was having a problem connecting to the Zoho CRM API when using PHP cURL.

cURL always seems to amaze me. Just when I think I’ve nailed down every possible configuration scenario, another issue comes along that requires a config option I had never used (or seen) before.

Usually when connecting to an https URL, I make sure to include this option:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

The value of zero (or false) means to just access the site without verifying the certificate is valid.

However, when connecting to Zoho from certain servers, I was still receiving this curl_error():

SSL connect error

Baffled, I tried adjusting the CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST option values but to no avail.

With some help from another developer, I ended up coming across this option (and value):

curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, "rsa_rc4_128_sha");

I can’t explain fully what the above line does (as friendly documentation seems to be scant when searching the web), but who cares – instantly the error was gone, and data was being returned through my cURL request.

I ended up wasting a lot of time for a silly config option, but such is the life of a developer.