如何解决curl:(35)错误 [英] how to solve curl: (35) error
问题描述
如果我在我的CentOS 5机器上运行这个命令:
curl -LsS https://symfony.com/installer -o / usr / local / bin / symfony
我收到此错误:
curl:(35)错误:14077410:SSL例程:SSL23_GET_SERVER_HELLO:sslv3警报握手失败
$但是,如果我运行:
curl -v https: //symfony.com/
我得到:
*关于to()到symfony.com端口443(#0)
*尝试176.34.106.156 ...
*连接到symfony。 com(176.34.106.156)端口443(#0)
*成功设置证书验证位置:
* CAfile:/etc/pki/tls/certs/ca-bundle.crt
CApath:无
* SSLv3,TLS握手,客户端问候(1):
* SSLv3,TLS握手,服务器hello(2):
* SSLv3,TLS握手,CERT $ b * SSLv3,TLS握手,服务器完成(14):
* SSLv3,TLS握手,客户端密钥交换(16):
* SSLv3,TLS更改密码,客户端问候$ b * SSLv3,TLS握手,完成(20):
* SSLv3,TLS更改密码,客户端问候(1):
* SSLv3,TLS握手, SSL连接使用AES128-SHA
*服务器证书:
*主题:OU =域控制验证; OU = Gandi标准SSL; CN = symfony.com
*开始日期:2014-11-21 00:00:00 GMT
*过期日期:2017-11-21 23:59:59 GMT
* subjectAltName: symfony.com matched
* issuer:C = FR; ST = Paris; L = Paris; O = Gandi; CN = Gandi Standard SSL CA 2
* SSL证书验证确定。
> GET / HTTP / 1.1
> User-Agent:curl / 7.29.0
>主机:symfony.com
>接受:* / *
>
< HTTP / 1.1 200 OK
< Accept-Ranges:bytes
<年龄:138
< Cache-Control:public,s-maxage = 600
< Content-Type:text / html; charset = UTF-8
<日期:星期六,07 Jan 2017 03:05:08 GMT
<服务器:nginx / 1.4.6(Ubuntu)
< Via:1.1 varnish-v4
< X-Varnish:168003559 167316902
< Content-Length:34582
<连接:keep-alive
<
使用-v选项,显然可以使用SSLv3。如何使用第一个命令为了成功建立连接?
编辑:
curl信息与一个Redhat服务器,其中curl工作,这些是结果:
我的CentOS 5curl -V信息:
[root @ orahost tls]#curl -V
curl 7.29.0(i686-redhat-linux-gnu)libcurl / 7.29.0 OpenSSL / 0.9.8b zlib / 1.2.3 libidn / 0.6.5 libssh2 / 1.4.3
协议:dict文件ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
特点: AsynchDNS GSS-Negotiate IDN IPv6大文件NTLM NTLM_WB SSL libz
RedHat 6curl -V
[root @ vps-1128921-x / etc / pki / tls]#curl -V
curl 7.19。 7(x86_64-redhat-linux-gnu)libcurl / 7.19.7 NSS / 3.21基本ECC zlib / 1.2.3 libidn / 1.18 libssh2 / 1.4.2
协议:tftp ftp telnet dict ldap ldaps http文件https ftps scp sftp
特性:GSS-Negotiate IDN IPv6大文件NTLM SSL libz
我注意到我的CentOS使用OpenSSL,而Redhat不使用。难道这是问题吗?
解决方案你在Mac OS吗?如果是这样,请尝试重新安装cURL:
brew install curl
brew link curl --force
有关说明,请参阅以下链接:
http://unix.stackexchange.com/questions/192944/how-to-fix-curl-sslv3-alert-handshake-failure
也请尝试:
curl -LsS3 https ://symfony.com/installer -o / usr / local / bin / symfony
选项--sslv3。
以下是cURL的所有选项(如果需要):
https: //curl.haxx.se/docs/manpage.htmlIf I run in my CentOS 5 machine this command:
curl -LsS https://symfony.com/installer -o /usr/local/bin/symfony
I get this error:
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
However, if I run:
curl -v https://symfony.com/
I get this:
* About to connect() to symfony.com port 443 (#0) * Trying 176.34.106.156... * Connected to symfony.com (176.34.106.156) port 443 (#0) * successfully set certificate verify locations: * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using AES128-SHA * Server certificate: * subject: OU=Domain Control Validated; OU=Gandi Standard SSL; CN=symfony.com * start date: 2014-11-21 00:00:00 GMT * expire date: 2017-11-21 23:59:59 GMT * subjectAltName: symfony.com matched * issuer: C=FR; ST=Paris; L=Paris; O=Gandi; CN=Gandi Standard SSL CA 2 * SSL certificate verify ok. > GET / HTTP/1.1 > User-Agent: curl/7.29.0 > Host: symfony.com > Accept: */* > < HTTP/1.1 200 OK < Accept-Ranges: bytes < Age: 138 < Cache-Control: public, s-maxage=600 < Content-Type: text/html; charset=UTF-8 < Date: Sat, 07 Jan 2017 03:05:08 GMT < Server: nginx/1.4.6 (Ubuntu) < Via: 1.1 varnish-v4 < X-Varnish: 168003559 167316902 < Content-Length: 34582 < Connection: keep-alive <
With the -v option, apparently SSLv3 can be used. How to use the first command in order to successful establish the connection?
EDIT:
I have compared the curl information with a Redhat server where curl does work, and these were the results:
My CentOS 5 "curl -V" information:
[root@orahost tls]# curl -V curl 7.29.0 (i686-redhat-linux-gnu) libcurl/7.29.0 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 libssh2/1.4.3 Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz
The RedHat 6 "curl -V" information:
[root@vps-1128921-x /etc/pki/tls] # curl -V curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.21 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2 Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz
I notice that my CentOS uses OpenSSL while the Redhat does not. Could this be the problem?
解决方案Are you on Mac OS? if so try this to re install cURL:
brew install curl brew link curl --force
See this link for explanation: http://unix.stackexchange.com/questions/192944/how-to-fix-curl-sslv3-alert-handshake-failure
Also try:
curl -LsS3 https://symfony.com/installer -o /usr/local/bin/symfony
adding -3 option for --sslv3. Here's all the options for cURL in case you need it: https://curl.haxx.se/docs/manpage.html
这篇关于如何解决curl:(35)错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!