Collectives™ on Stack Overflow
Find centralized, trusted content and collaborate around the technologies you use most.
Learn more about Collectives
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
Learn more about Teams
$ curl -I https://9.185.173.135
curl: (35) Unknown SSL protocol error in connection to 9.185.173.135:443
This is an secured page that I need to access. But I don't know how to obtain its certificate file. I tried to use Firefox, but it says couldn't get any ssl certificate once the url is entered.
$ curl -I http://9.185.173.135
HTTP/1.1 200 OK
Content-Length: 686
Content-Type: text/html
Content-Location: http://9.185.173.135/Default.htm
Last-Modified: Mon, 16 Mar 2009 05:05:38 GMT
Accept-Ranges: bytes
ETag: "a851dbd8f4a5c91:d41"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 13 Jul 2010 04:09:35 GMT
The server is definitely reachable from my laptop. Once I get the certificate file, I assume I can then import it to Firefox and then use my credentials to pass the authentication (I already got the username/password).
Sorry I am no expert in security at all. Is there anything else I can try?
Many thanks in advance.
–
–
–
–
–
–
To Rudi : Thanks for the hint, that tells me a hell lot of info.
Somehow the admin of the secured page "refreshes" the state of certifications every day. So although I got blocked from accessing it yesterday, it generously lets me to grab another certificate and add it to the exception list of Firefox.
So everything is working, and I really learn something from yesterday's experience.
–
I got the same error when running curl/httpie against a Tomcat server on my localhost deployed from Eclipse. It turns out that default server.xml deployed by Eclipse disables https. Specifically, the section below is commented out in server.xml.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
After uncommenting it out and adding the two keystore parameters, the curl command starts working (with --insecure option if the certificate is self-signed).
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
keystoreFile="/path/to/your/keystore"
keystorePass="yourpass" />
i have some solutions that fix the issue for me:
1] try update your curl/php/apache [ yum update ]
2] restart apache
Those worked for me!
I had the same error after updating my SSL certificate on the target SSL site.
My source OS was Centos 6 and updating to a new curl version solved it.
*Note I was already using the curl -k (insecure option) but I would still get that error. Essentially this error is caused by nss or openssl being out of date.
yum -y install curl nss openssl
Remember if you have a web application like PHP calling curl you will need to restart Apache to make the update take effect.
I've updated based on this guide: http://realtechtalk.com/curl_35_Unknown_SSL_protocol_error_in_connection_Solution_Centos-1988-articles
curl https://localhost:3000
curl: (35) Unknown SSL protocol error in connection to localhost:-9847
(not sure where that number -9847came from since I requested port 3000)
fix: turns out my server on port 3000 was running "http" not "https" go figure.
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
