Ssl – What are the possible causes of a curl protocol error

consulcurlsquidssl

I'm getting the following error with curl:

# curl -vvvv https://192.168.99.100:8501/ui
*   Trying 192.168.99.100...
* Connected to 192.168.99.100 (192.168.99.100) port 8501 (#0)
* WARNING: using IP address, SNI is being disabled by the OS.
* Unknown SSL protocol error in connection to 192.168.99.100:-9825
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to 192.168.99.100:-9825

When I read the accounts of others – they say there are three possible causes:

  1. The Destination Site Does Not Like the Protocol
  2. The Destination Site Does Not Like the Cipher (SSLv3 issue)
  3. The SSL Private cert Has Expired
  4. A Curl bug

Now I've checked these four – and am still getting the error – so there must be a fourth reason. My question is: What are the possible causes of a curl protocol error?

I'm guessing I'll have to turn SSL trace on – but I'm trying to avoid having to do that.

(Note that this is also having issues talking to a squid proxy).

Best Answer

I was getting similar errors ("NSS error -5938" and "curl: (35) SSL connect error") when curling the Consul download zip file (https://releases.hashicorp.com/consul/0.6.4/consul_0.6.4_linux_amd64.zip).

Updating the NSS package fixed the issue.

yum update nss.x86_64

Related Topic