curl error 35 : unknown SSL protocol error in connection
$ curl -I https://9.185.173.135
curl: (35) Unknown SSL protocol error in connection to 9.185.173.135:443
This is an secured page that I need to access. But I don't know how to obtain its certificate file. I tried to use Firefox, but it says couldn't get any ssl certificate once th开发者_运维百科e url is entered.
$ curl -I http://9.185.173.135
HTTP/1.1 200 OK
Content-Length: 686
Content-Type: text/html
Content-Location: http://9.185.173.135/Default.htm
Last-Modified: Mon, 16 Mar 2009 05:05:38 GMT
Accept-Ranges: bytes
ETag: "a851dbd8f4a5c91:d41"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Tue, 13 Jul 2010 04:09:35 GMT
The server is definitely reachable from my laptop. Once I get the certificate file, I assume I can then import it to Firefox and then use my credentials to pass the authentication (I already got the username/password).
Sorry I am no expert in security at all. Is there anything else I can try?
Many thanks in advance.
try this
curl_setopt($ch, CURLOPT_SSLVERSION, CURL_SSLVERSION_SSLv3); // Force SSLv3 to fix Unknown SSL Protocol error
To Rudi : Thanks for the hint, that tells me a hell lot of info.
Somehow the admin of the secured page "refreshes" the state of certifications every day. So although I got blocked from accessing it yesterday, it generously lets me to grab another certificate and add it to the exception list of Firefox.
So everything is working, and I really learn something from yesterday's experience.
You can use --tlsv1 option to solve the issue in case the curl version is below 7.34
curl -I --tlsv1 https://9.185.173.135
In my case on a AIX VM also this problem, use --cacert to specific a cacert.pem
curl --cacert /var/ssl/cacert.pem https://localhost:3000
I got the same error when running curl/httpie against a Tomcat server on my localhost deployed from Eclipse. It turns out that default server.xml deployed by Eclipse disables https. Specifically, the section below is commented out in server.xml.
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
After uncommenting it out and adding the two keystore parameters, the curl command starts working (with --insecure option if the certificate is self-signed).
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
keystoreFile="/path/to/your/keystore"
keystorePass="yourpass" />
i have some solutions that fix the issue for me:
1] try update your curl/php/apache [ yum update ]
2] restart apache
Those worked for me!
I had the same error after updating my SSL certificate on the target SSL site.
My source OS was Centos 6 and updating to a new curl version solved it.
*Note I was already using the curl -k (insecure option) but I would still get that error. Essentially this error is caused by nss or openssl being out of date.
yum -y install curl nss openssl
Remember if you have a web application like PHP calling curl you will need to restart Apache to make the update take effect.
I've updated based on this guide: http://realtechtalk.com/curl_35_Unknown_SSL_protocol_error_in_connection_Solution_Centos-1988-articles
I had a similar issue:
curl https://localhost:3000
...
curl: (35) Unknown SSL protocol error in connection to localhost:-9847
(not sure where that number -9847came from since I requested port 3000)
fix: turns out my server on port 3000 was running "http" not "https" go figure.
加载中,请稍侯......
精彩评论