https doesn't work with specific domains. tested on 7.35, 7.36 and 7.37 on ubuntu 14.04
try this URL https://intouch.techdata.com/
> curl --verbose "https://intouch.techdata.com/" * Hostname was NOT found in DNS cache * Trying 80.152.49.70... * Connected to intouch.techdata.com (80.152.49.70) port 443 (#0) * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none * SSLv3, TLS handshake, Client hello (1): * Unknown SSL protocol error in connection to intouch.techdata.com:443 * Closing connection 0 curl: (35) Unknown SSL protocol error in connection to intouch.techdata.com:443
i used few online SSL tools, SSL for this domain seems to be configured OK. site works in browsers etc.
curl --version output:
curl 7.37.0 (x86_64-unknown-linux-gnu) libcurl/7.37.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 libssh2/1.4.3 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp scp sftp smtp smtps telnet tftp
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
it's a new issue because everyting is OK with 7.19.7 @ CentOS 6, curl works perfectly. Also I had no issue with older curl version at ubuntu 13.10. problem started after I upgraded my system to ubuntu 14.04 (which comes with curl 7.35)
i think it might be related with bug #1319
Last edit: Altruista 2014-05-30
What is the curl --version output of the working version? I suspect it's not using the same OpenSSL version.
It is most likely a case of a RC4-using cipher being required. See bug [#1329]
Related
Bugs:
#1329See also this document:
https://github.com/bagder/curl/blob/master/docs/SSL-PROBLEMS
curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2
is working
Last edit: Altruista 2014-06-02
I just tried with my stock 7.37.0 version from debian and this works fine:
$ curl https://intouch.techdata.com/
$ curl -V
curl 7.37.0 (x86_64-pc-linux-gnu) libcurl/7.37.0 OpenSSL/1.0.1h zlib/1.2.8 libidn/1.28 libssh2/1.4.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
I try to install the latest openssl version 1.0.1g from openssl.org,
Last edit: Altruista 2014-06-02
I'm also encountering this issue on an Ubuntu 14.04 based machine - version details for curl are:
$ curl -v "https://intouch.techdata.com/"
Hostname was NOT found in DNS cache
Trying 80.152.49.70...
Connected to intouch.techdata.com (80.152.49.70) port 443 (#0)
successfully set certificate verify locations:
CAfile: none
CApath: /etc/ssl/certs SSLv3, TLS handshake, Client hello (1):
Unknown SSL protocol error in connection to intouch.techdata.com:443
Closing connection 0
curl: (35) Unknown SSL protocol error in connection to intouch.techdata.com:443
$ curl -V
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP