Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
Please see the output below. I'm just trying to access the website using curl 7.52.1 on RedHat Enterprise Server 6.9.
[root@fti ~]# curl -v https://testweb.dms.com
* Rebuilt URL to: https://testweb.dms.com/
* Trying 12.121.156.219...
* TCP_NODELAY set
* Connected to testweb.dms.com (12.121.156.219) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /root/anaconda3/ssl/cacert.pem
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to testweb.dms.com:443
* Curl_http_done: called premature == 1
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to testweb.dms.com:443
openssl works fine.
[root@fti ~]# openssl s_client -connect testweb.dms.com:443
CONNECTED(00000003)
write:errno=104
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 307 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1508957433
Timeout : 300 (sec)
Verify return code: 0 (ok)
curl -V O/P
curl 7.52.1 (x86_64-pc-linux-gnu) libcurl/7.52.1 OpenSSL/1.0.2l zlib/1.2.8
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP UnixSockets HTTPS-proxy
As none-root user
[denimi@fti ~]$ curl -v https://testweb.dms.com
* About to connect() to testweb.dms.com 443 (#0)
* Trying 12.121.156.219... connected
* Connected to testweb.dms.com (12.121.156.219) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
How can I solve this?
–
Try connecting using specific protocol or cipher suits. Seems supplied protocol by curl is not accepted by server.
try this:
curl --tlsv1.2 https://testweb.dms.com
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
