github.com SSL connect error

6月 282018

问题：

# curl https://github.com
curl: (35) SSL connect error

1 2	# curl https://github.com curl: (35) SSL connect error

分析：

tcpdump 抓包、wireshark分析：

基本是由于ssl版本导致的：

client想使用TLS 1.0 ， server说，不行，太低

解决办法：

curl --tlsv1.2 https://github.com

1	curl --tlsv1.2 https://github.com

每次都带上个选项多不方便，使用 .curlrc ; linux上的程序一般都这个套路，在用户目录下写个配置文件：

# cat ~/.curlrc
--tlsv1.2

1 2	# cat ~/.curlrc --tlsv1.2

配置文件格式就是直接写curl的命令行选项，简单粗暴高效。

有些curl -v 就能看到握手的ssl版本号

$ curl -v https://github.com
* Rebuilt URL to: https://github.com/
* Trying 172.16.20.14...
* Connected to github.com (172.16.20.14) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate: github.com
* Server certificate: DigiCert SHA2 Extended Validation Server CA
* Server certificate: DigiCert High Assurance EV Root CA
&gt; GET / HTTP/1.1
&gt; Host: github.com
&gt; User-Agent: curl/7.49.1
&gt; Accept: */*

$ curl -v https://github.com

* Rebuilt URL to: https://github.com/

* Trying 172.16.20.14...

* Connected to github.com (172.16.20.14) port 443 (#0)

* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

* Server certificate: github.com

* Server certificate: DigiCert SHA2 Extended Validation Server CA

* Server certificate: DigiCert High Assurance EV Root CA

> GET / HTTP/1.1

> Host: github.com

> User-Agent: curl/7.49.1

> Accept: */*

原文链接：https://phpor.net/blog/post/8916

PHPor 的Blog

curl https://github.com SSL connect error

Leave a Reply Cancel reply