cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: SSL client sending (type 21) Encrypted Alert

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Mon, 9 Feb 2009 14:28:15 +0100 (CET)

On Mon, 9 Feb 2009, Shirish Indurkar wrote:

> I am trying to use curl for secure session with https server, however, I see
> the client (Cent OS) sending "encrypted alert" type 21 message. This being
> fatal error, server thus subsequently sends "Fin" and the session is closed.
>
> Type 21 message points to "decryption failed", before this, Client and
> server exchange the "Hello" messages and client sending "client key exchange
> , change cipher spec" message.

Uh, I figure "type 21" is a TLS packet? If so, then isn't this entire
handshake procedure the responsibility of the SSL library?

> Any idea how to avoid this error? I am suppressing SSL cert verification at
> client side using "k" option and tried using various versions using -1, -2 ,
> -3 options.

Is your curl built with OpenSSL? If so, can you connect to the site using
s_client?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ:        http://curl.haxx.se/docs/faq.html
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2009-02-09