Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
im trying to authenticate user via xbox live Oauth2.0, but im experiencing this error which appears only at first request (after that it working for few minutes). Im already tried with --sslv*, --tlsv1, --ciphers, nothing helped.
vagrant@vagrant:~$ curl -v https://xsts.auth.xboxlive.com/xsts/authorize
* Hostname was NOT found in DNS cache
* Trying 134.170.178.199...
* Connected to xsts.auth.xboxlive.com (134.170.178.199) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to xsts.auth.xboxlive.com:443
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to xsts.auth.xboxlive.com:443
root@admin:~# curl -v https://xsts.auth.xboxlive.com/xsts/authorize
* Trying 134.170.179.106...
* Connected to xsts.auth.xboxlive.com (134.170.179.106) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 696 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: Error in the pull function.
* Closing connection 0
curl: (35) gnutls_handshake() failed: Error in the pull function.
CURL and OpenSSL versions on local machine and production
vagrant@vagrant:~$ curl --version
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
root@admin:~# curl --version
curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets
Any help would be appreciated!
–
–
–
–
The server does not like the SSL protocol used
The server and client are not able to find an agreement on the cipher ( cipher mismatch between server and client )
The certificate or key has expired
try openssl s_client in debug mode for more information
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
