curl TLS握手不成功

时间:2020-04-08 14:25:40

标签: curl tcp centos8

我尝试使用curl从虚拟机(centos)调用多个API网关。 

 curl https://xxxx.execute-api.eu-central-1.amazonaws.com -v

除一个项目外,此项目均正常工作。

curl调用在ClientHello之后挂起,直到超时。接下来应该是ServerHello,但是什么也没发生。

curl https://xxxx.execute-api.eu-central-1.amazonaws.com -v
* connected to xxxx.execute-api.eu-central-1.amazonaws.com port 443
* ALPN, offering h2
* APLN, offering http/1.1
* successfully set certificate verfiy locations
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CAPath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1): 
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to xxxx.execute-api.eu-central-1.amazonaws.com:443
* Closing connection 0

在TCP级别,您可以看到tcp_sync和tcp_ack的ID不匹配。

vm_client.48012 > api_gateway.https: Flags [S], seq 2805348193, win 29200, options [mss 1460,sackOK,TS val 919578686 ecr 0,nop,wscale 7], length 0
api_gateway.https > vm_client.48012: Flags [S.], seq 1879651467, ack 2805348194, win 26847, options [mss 1460,sackOK,TS val 88620492 ecr 919578686,nop,wscale 8], length 0
vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 229, options [nop,nop,TS val 919578721 ecr 88620492], length 0
vm_client.48012 > api_gateway.https: Flags [P.], seq 1:518, ack 1, win 229, options [nop,nop,TS val 919578739 ecr 88620492], length 517
api_gateway.https > vm_client.48012: Flags [.], ack 518, win 110, options [nop,nop,TS val 88620506 ecr 919578739], length 0
api_gateway.https > vm_client.48012: Flags [P.], seq 4345:5332, ack 518, win 110, options [nop,nop,TS val 88620506 ecr 919578739], length 987
vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 244, options [nop,nop,TS val 919578776 ecr 88620506,nop,nop,sack 1 {4345:5332}], length 0

vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 244, options [nop,nop,TS val 919640456 ecr 88620506,nop,nop,sack 1 {4345:5332}], length 0
api_gateway.https > vm_client.48012: Flags [.], ack 518, win 110, options [nop,nop,TS val 88635940 ecr 919578776], length 0
vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 244, options [nop,nop,TS val 919701898 ecr 88620506,nop,nop,sack 1 {4345:5332}], length 0
api_gateway.https > vm_client.48012: Flags [.], ack 518, win 110, options [nop,nop,TS val 88651295 ecr 919578776], length 0
vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 244, options [nop,nop,TS val 919763339 ecr 88620506,nop,nop,sack 1 {4345:5332}], length 0
api_gateway.https > vm_client.48012: Flags [.], ack 518, win 110, options [nop,nop,TS val 88666654 ecr 919578776], length 0
vm_client.48012 > api_gateway.https: Flags [.], ack 1, win 244, options [nop,nop,TS val 919824781 ecr 88620506,nop,nop,sack 1 {4345:5332}], length 0
api_gateway.https > vm_client.48012: Flags [.], ack 518, win 110, options [nop,nop,TS val 88682014 ecr 919578776], length 0

这里出了什么问题,我怎样才能解决真正的问题?有什么想法吗?
虚拟机上的防火墙已关闭。

1 个答案:

答案 0 :(得分:0)

在eth-config中没有设置MTU大小。

相关问题
最新问题