卷曲错误“没有替代证书." [英] Curl error "no alternative certificate.."
问题描述
我们只有一个托管在Amazon上的服务器(开发服务器)存在问题.通过运行以下命令对特定域执行curl请求时,会发生问题:
We have a problem in only one of our servers hosted at Amazon (the development server). The problem happens when doing a curl request to a specific domain, by running this:
> curl https://api.plivo.com
结果:
卷曲:(51)SSL:没有其他证书主题名称与目标主机名"api.plivo.com"匹配
curl: (51) SSL: no alternative certificate subject name matches target host name 'api.plivo.com'
我进行了一些研究,发现服务器的证书可能有问题,但是,如果我在其他任何服务器上尝试使用此证书,都可以正常工作,与本地计算机上的证书相同.因此,我认为这可能是curl造成的缓存问题?我尝试重新安装,更新它,但没有骰子.因此,我几乎要创建一台新的开发机,因为它阻止了我们使用该服务.
I did some research and found out that it might be a problem with the server's certificate, however if I try this from any other server it works fine, same on my local machine. So I'm thinking that this might be a cache issue from curl? I tried reinstalling it, updating it, but no dice. I'm almost creating a new dev machine because of this, because it's blocking us from using this service.
推荐答案
从评论中总结:
- 好的和坏的系统实际上访问了配置有不同证书的不同服务器.这就是为什么它在一个系统上失败而在另一个系统上失败的原因.
- 造成这种差异的原因是,错误的系统在
/etc/hosts中有一个条目,该条目用于询问DNS服务器. - 通过比较
curl -v的输出并意识到显示的目标IP地址不同,发现了问题. - 通过删除
/etc/hosts中的旧条目已解决了该问题,现在它可以查询DNS服务器并获取服务器的正确IP地址.
- The good and the bad system actually accessed different servers which were configured with different certificates. That's why it failed on one system but not on the other.
- The reason for this difference was that the bad system had an entry in
/etc/hostswhich was used instead of asking the DNS server. - The problem was found by comparing the output of
curl -vand realizing that the shown target IP address was different. - The problem was fixed by removing the old entry in
/etc/hostsso that it now queries the DNS server and gets the correct IP address of the server.
这篇关于卷曲错误“没有替代证书."的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
