SSL23_GET_SERVER_HELLO: reason (1112) issue curl 7.25.0

Navegue suas respostas
4

Por favor considere dois comandos curl :

curl -v --ssl link 

* About to connect() to example.com port 443 (#0)
*   Trying 10.20.30.40...
* connected
* Connected to example.com (10.20.30.40) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
* error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
* Closing connection #0
curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)

curl -v -3 --ssl link 

 About to connect() to example.com port 443 (#0)
*   Trying 10.20.30.40...
* connected
* Connected to example.com (10.20.30.40) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
*      subject: (certificate token etc.)
*      start date: 2013-03-24 12:59:13 GMT
*      expire date: 2014-03-28 05:41:38 GMT
*      subjectAltName: example.com matched
*      issuer: C=US; O=GeoTrust, Inc.; CN=RapidSSL CA
*      SSL certificate verify ok.
> GET /status.php HTTP/1.1
> User-Agent: curl/7.25.0 (x86_64-unknown-linux-gnu) libcurl/7.25.0 OpenSSL/0.9.8o zlib/1.2.7 libidn/1.15 libssh2/1.2.6
> Host: example.com
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Mon, 23 Sep 2013 11:00:51 GMT
< Server: Apache
< Content-Length: 195
< Connection: close
< Content-Type: text/plain; charset=utf-8
<
(html there)
* Closing connection #0
* SSLv3, TLS alert, Client hello (1)

Parâmetros:

  • -v = verbose
  • --ssl = use SSL
  • -3 = use SSLv3

A pergunta é: por que tal SSL23_GET_SERVER_HELLO:reason(1112) de erro? Como corrigi-lo? É o problema de cliente ou servidor (servidor https)?

Eu não me importaria de usar o curl com o parâmetro -3 , mas o mesmo problema aparece ao usar a função file_get_contents() do PHP. Eu sei que existem soluções alternativas do PHP, mas quero fazer as coisas corretamente.

    
por Peter 23.09.2013 / 13:10

1 resposta

3

Eu encontrei o problema

ServerName example.com:443

estava faltando na configuração ssl.conf

    
por 23.09.2013 / 13:17

Tags

Estrutura de verificação de integridade do arquivo de configuração / Software / Conceito Configurando o Debian 7 intervalo de endereços IP estáticos