curl:(35)第一次请求时连接时出现未知的SSL协议错误

时间:2017-01-03 10:37:40

标签: ssl curl openssl

我试图通过xbox live Oauth2.0对用户进行身份验证,但我遇到此错误,该错误仅在第一次请求时出现(之后它会工作几分钟)。我已经尝试过--sslv *, - tlsv1, - ,,,没有任何帮助。

vagrant@vagrant:~$ curl -v https://xsts.auth.xboxlive.com/xsts/authorize
* Hostname was NOT found in DNS cache
*   Trying 134.170.178.199...
* Connected to xsts.auth.xboxlive.com (134.170.178.199) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to xsts.auth.xboxlive.com:443
* Closing connection 0
curl: (35) Unknown SSL protocol error in connection to xsts.auth.xboxlive.com:443

root@admin:~# curl -v https://xsts.auth.xboxlive.com/xsts/authorize
*   Trying 134.170.179.106...
* Connected to xsts.auth.xboxlive.com (134.170.179.106) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 696 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: Error in the pull function.
* Closing connection 0
curl: (35) gnutls_handshake() failed: Error in the pull function.

本地计算机和生产中的CURL和OpenSSL版本

vagrant@vagrant:~$ curl --version
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP

root@admin:~# curl --version
curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8 libidn/1.32 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz TLS-SRP UnixSockets

任何帮助将不胜感激!

2 个答案:

答案 0 :(得分:0)

我通过编译并通过http2支持安装curl来解决该问题。

您可以为此使用此链接:https://askubuntu.com/questions/884899/how-do-i-install-curl-with-http2-support

答案 1 :(得分:0)

我不知道您的设置细节,但是错误

未知的SSL协议错误

可能在以下情况下发生

  • 服务器不喜欢使用的SSL协议
  • 服务器和客户端无法找到有关密码的协议(服务器和客户端之间的密码不匹配)
  • 证书或密钥已过期

在调试模式下尝试 openssl s_client 以获得更多信息