Ssl – Curl with SSL not working on ubuntu server

curlopensslssl

When I try to Curl a SSL page on my ubuntu 12.04 TLS server, it won't work:

not ssl page:

$ curl https://evernote.com/ -vv
[the entire webpage]

ssl page:

$ curl https://evernote.com/ -vv
* About to connect() to evernote.com port 443 (#0)
*   Trying 204.154.94.73... connected
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to evernote.com:443 
* Closing connection #0
curl: (35) Unknown SSL protocol error in connection to evernote.com:443

This does work on my own machine (OS X).

When I try it via openSSL:

$ openssl s_client -connect evernote.com:433
connect: Connection timed out
connect:errno=110

openSSL version:

$ openssl version
OpenSSL 1.0.1c 10 May 2012

Best Answer

You seem to have a typo.

$ openssl s_client -connect evernote.com:433

Port 433 is not open on the remote host, which is why you got error 110 (Connection refused).

Try using port 443 (the standard HTTPS port) instead.

As for curl, I can replicate the problem when using evernote.com, but www.evernote.com works properly (though it sends a 302 redirect to https://evernote.com/.

$ curl https://evernote.com/ -vv
* About to connect() to evernote.com port 443 (#0)
*   Trying 204.154.94.73...
* connected
* Connected to evernote.com (204.154.94.73) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Closing connection #0
curl: (35) Encountered end of file

This means that the server killed the connection. For whatever reason it really doesn't want to talk to us.

This is probably not something that you can fix.

Related Topic