Support » Plugin: Background Update Tester » Unable to upgrade WordPress from 3.7, what's the actual problem?

  • I’ve never been able to upgrade my WP site from 3.7. Background Update Tester 1.1 reports the following:-

    PASS: Your WordPress install can communicate with WordPress.org securely.
    PASS: No version control systems were detected.
    PASS: Your installation of WordPress doesn’t require FTP credentials to perform updates.
    WARNING: Couldn’t retrieve a list of the checksums for WordPress 3.7. This could mean that connections are failing to WordPress.org.

    This site is not able to apply these updates automatically.

    Is this expected behaviour? Taken on face value, it would seem that wordpress.org doesn’t hold the list of checksums for 3.7, which would be extremely odd.

    But might the actual problem here be something like the installed PHP’s having been compiled with an old version of OpenSSL? According to a phpinfo() WordPress plugin, the OpenSSL my hosting company provides looks a tad ancient:-

    OpenSSL support – enabled
    OpenSSL Library Version – OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
    OpenSSL Header Version – OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

    Or might it be because my hosting company hasn’t compiled PHP with suPHP? I’ve seen it written that this has stopped other people upgrading, I don’t know if Background Update Tester specifically checks for this.

    Any tips and suggestions much appreciated, thanks! πŸ™‚

    https://wordpress.org/plugins/background-update-tester/

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Andrew Nacin

    (@nacin)

    Lead Developer

    Are you unable to update at all? Even when pressing “Update Now”?

    Yes. πŸ™

    It just silently fails in all update scenarios, which is why I was really excited to find Background Update Tester. πŸ™‚

    If there’s any additional test I can run or information that might throw some light on this, please feel free to ask. (e.g. anything in the phpinfo() output, etc).

    It may also be relevant that I’m unable to bring up the…

    Featured | Popular | Newest

    …pages on the Plugin page, i.e.

    wp-admin/plugin-install.php?tab=featured
    wp-admin/plugin-install.php?tab=popular
    wp-admin/plugin-install.php?tab=new

    My guess is that a script loaded by the plugin-install.php script communicates with wordpress.org in a similar sort of way to the background updater.

    All of which might seem to suggest that the underlying issue may be an absence of secure communication means (https?) between my site and wordpress.org. Though how you’d test that I don’t know. πŸ™

    I think I’ve found the cause of the problem. Because WP 3.7 moved to secure connections with wordpress.org (to avoid MITM attacks), some sites weren’t correctly set up for secure connections.

    To debug this issue, there’s an HTTPS Debugger plugin:-

    http://wordpress.org/support/topic/37-search-for-plugins-in-cp-gives-unexpected-error?replies=39#post-4805878

    This gave me the following helpful debug:-

    1.[PASS]: Your WordPress install claims to support HTTPS Connections
    2.[FAIL]: Checking that the HTTPS Root Certificate bundle exists and is accessible
    3.[PASS]: cURL is installed and supports SSL communication, cURL Details: version_number=468225; age=3; features=34333; ssl_version_number=0; version=7.37.1; host=x86_64-unknown-linux-gnu; ssl_version=OpenSSL/0.9.8b; libz_version=1.2.3; protocols=dict,file,ftp,ftps,gopher,http,https,imap,imaps,pop3,pop3s,rtsp,smtp,smtps,telnet,tftp
    4.[PASS]: OpenSSL is installed. OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 9469999
    5.[PASS]: Checking if stream_socket_client exists
    6.[PASS]: Checking if openssl_x509_parse exists
    7.[PASS]: Verifying api.wordpress.org resolves correctly.
    8.[FAIL]: [Streams] Communication with WordPress.org failed with error: [http_request_failed]: The SSL certificate for the host could not be verified.
    9.[FAIL]: [Streams with a POST body] Communication with WordPress.org failed with error: [http_request_failed]: The SSL certificate for the host could not be verified.
    10.[FAIL]: [cURL] Communication with WordPress.org failed with error: [http_request_failed]: error setting certificate verify locations: CAfile: /home/ciphermy/public_html/wp-includes/certificates/ca-bundle.crt CApath: none
    11.[FAIL]: [cURL with a POST body] Communication with WordPress.org failed with error: [http_request_failed]: error setting certificate verify locations: CAfile: /home/ciphermy/public_html/wp-includes/certificates/ca-bundle.crt CApath: none
    12.[INFO]: PHP Version: 5.4.32

    Hence I appear to have the same problem that was reported by a poster on the WordPress support forum 10 months ago:-

    http://wordpress.org/support/topic/37-search-for-plugins-in-cp-gives-unexpected-error/page/2?replies=39#post-4819910

    …which was then resolved by the poster’s hosting company:-

    http://wordpress.org/support/topic/37-search-for-plugins-in-cp-gives-unexpected-error/page/2?replies=39#post-4820292

    Does this sound plausible?

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Unable to upgrade WordPress from 3.7, what's the actual problem?’ is closed to new replies.