TLS requirement for repo.magento.com
The Magento software and component repository,
repo.magento.com, recently started requiring Transport Layer Security (TLS) 1.1 or later.
The PCI Security Standards Council} removed SSL/TLS 1.0 as an example of strong cryptography from the PCI Data Security Standard (PCI DSS) version 3.1, stating that it can no longer be used as a security control after June 30, 2016.
For details, see Date Change for Migrating from SSL and Early TLS.
If you have an earlier version of TLS, you’ll see the errors discussed in this section.
Downloading a Magento metapackage
The following error displays if you attempt to run
composer create-project to get a Magento metapackage:
1 2 3 [Composer\Downloader\TransportException] The "https://repo.magento.com/packages.json" file could not be downloaded: Failed to enable crypto failed to open stream: operation failed
Using the Web Setup Wizard
Actions like saving your authentication credentials or synchronizing with Magento Marketplace fail with the following error:
The solution to this issue depends on how your operating system packages TLS. See one of the following sections for more information:
Make sure you’re using
libcurl versions 7.34 or later; these versions use TLS 1.2 by default.
To determine your
libcurl version, enter the following command:
1 curl --version
To determine the version of CentOS your server runs, enter the following command:
1 cat /etc/*release*
If you’re already running CentOS 6.8 or later, no action is necessary. According to the CentOS 6.8 changelog, “various applications now support TLS 1.2, i.e. OpenLDAP, yum, stunnel, vsftpd, git, postfix and others. Also TLS 1.2 has been enabled by default in various packages”.
(CentOS 7 has a newer version of
libcurl that also defaults to TLS 1.2.)
Recent updates to the OS X liip package should resolve the issue.