Debian

Curl gives "SSL routines:ssl3_read_bytes:sslv3 alert handshake failure"

  • June 25, 2021

When I run curl on https://www.ethics.state.tx.us/data/search/lobby/TEC_LA_CSV.zip I get

error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

I've tried adding -2, -3, and other things I've seen online, but nothing seems to work. How can I resolve this and download this file with curl?

Here is the output of curl below,

$ curl -vvvk "https://www.ethics.state.tx.us/data/search/lobby/TEC_LA_CSV.zip"
*   Trying 204.65.203.80:443...
* TCP_NODELAY set
* Connected to www.ethics.state.tx.us (204.65.203.80) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
 CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, handshake failure (552):
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

I also see this when I try to use -2

curl: (4) OpenSSL was built without SSLv2 support

-3

curl: (4) OpenSSL was built without SSLv3 support

I had to use the super-secret, Debian/Ubuntu --ciphers DEFAULT@SECLEVEL=1

$ curl --ciphers DEFAULT@SECLEVEL=1 -vvvk "https://www.ethics.state.tx.us/data/search/lobby/TEC_LA_CSV.zip"

In our case, this enabled the negotiation of TLS1.2, AES128-GCM-SHA256

* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server did not agree to a protocol

From irc://irc.freenode.net/#curl

01:40 < bagder> EvanCarroll: add "--ciphers DEFAULT@SECLEVEL=1"
01:41 < EvanCarroll> zomfg.
01:41 < EvanCarroll> Where is that documented.
01:41 < EvanCarroll> nice trick.
01:42 < bagder> that's debian (ubuntu?) making things hard for users by upping that seclevel in the openssl conf
01:42 < bagder> and openssl gives a crappy error message there too, not helping either

Quoted from: https://unix.stackexchange.com/questions/590776