curl-users
RE: FW: curl command for ssl won't connect
Date: Mon, 13 Jan 2014 17:55:31 +0000
Dan,
Thanks I ran using --ftp-ssl-ccc with the results below:
$curl -v -k --ftp-ssl-ccc ftps://User:Pwd_at_URL
* About to connect() to URL port 990 (#0)
* Trying 999.999.99.99...
* connected
* Connected to URL (999.999.99.99) port 990 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using DHE-RSA-AES256-SHA
* Server certificate:
* subject: CN=TI; C=US; L=Jacksonville; ST=FL; O=TI; OU=IT; emailAddress=x_at_x.com
* start date: 201
* expire date: 201
* common name: TI (does not match 'URL')
* issuer: CN=
* SSL certificate verify result: self signed certificate (18), continuing anyway.
< 220 Titan FTP Server 7.12.881 Ready.
> USER User
< 331 User name okay, need password.
> PASS PWd
< 230-Welcome User from 000.00.000.0. You are now logged in to the server.
< 230 User logged in, proceed.
> PBSZ 0
< 200 Command OK. PBSZ=0
> PROT P
< 200 Encrypting Data Channel.
> CCC
* SSL read: error:00000000:lib(0):func(0):reason(0), errno 73
* Closing connection #0
-----Original Message-----
From: Dan Fandrich [mailto:dan_at_coneharvesters.com]
Sent: January-09-14 2:05 AM
To: Flores,Miguel,NORTH YORK,LGO Business Connections
Subject: Re: FW: curl command for ssl won't connect
Please send messages to the list next time so other people can search for and find our exchange next time and save people the hassle of future such requests.
On Thu, Jan 09, 2014 at 12:12:01AM +0000, Flores,Miguel,NORTH YORK,LGO Business Connections wrote:
> Dan,
>
> I have used the -v see output generated. It connects but then closes
> connection. Any help is well appreciated
>
> $curl -v -k --disable-epsv --ftp-skip-pasv-ip --ftp-ssl
> ftps://User:Pwd_at_URL
> * About to connect() to URL port 990 (#0)
> * Trying 999.999.99.99...
> * connected
> * Connected to URL (999.999.99.99) port 990 (#0)
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv3, TLS handshake, Server key exchange (12):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv3, TLS handshake, Client key exchange (16):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv3, TLS handshake, Finished (20):
> * SSL connection using DHE-RSA-AES256-SHA
> * Server certificate:
> * subject: CN=TI; C=US; L=Jacksonville; ST=FL; O=TI; OU=IT; emailAddress=AG_at_TI.com<mailto:emailAddress=AG_at_TI.com>
> * start date: 201
> * expire date: 201
> * common name: TI (does not match 'URL')
> * issuer: CN=
> * SSL certificate verify result: self signed certificate (18), continuing anyway.
> < 220 Titan FTP Server 7.12.881 Ready.
> > USER User
> < 331 User name okay, need password.
> > PASS Pwd
> < 230-Welcome Test from 111.11.111.1. You are now logged in to the server.
> < 230 User logged in, proceed.
> > PBSZ 0
> < 200 Command OK. PBSZ=0
> > PROT P
> < 200 Encrypting Data Channel.
> > PWD
> < 257 "/" is current directory.
> * Entry path is '/'
> > PASV
> * Connect data stream passively
> < 227 Entering Passive Mode (999,999,99,99,39,91).
> * Skips 999.999.99.99 for data connection, uses 999.999.99.99 instead
You've used --ftp-skip-pasv-ip so it's using a different IP address. That may or may not be correct.
> * Trying 999.999.99.99...
> * A remote host did not respond within the timeout period.
> * couldn't connect to host
There's probably a firewall between your machine and the remote server that's preventing the data connection from being established. You could try an explicit SSL connection and use --ftp-ssl-ccc to send the control connection in the clear to allow a packet inspection firewall to automatically open a hole for the connection.
> * Closing connection #0
> * SSLv3, TLS alert, Client hello (1):
> curl: (7) couldn't connect to host
>
> Thanks,
>
>
> Miguel
>
>
> ________________________________
> This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden.
> ________________________________
> Ce courriel pourrait contenir des renseignements confidentiels ou protégés. Si vous n'êtes pas le destinataire prévu (ou si vous avez reçu ce courriel par erreur), veuillez en informer l'expéditeur sans tarder et détruire ce courriel. Toute reproduction, divulgation ou diffusion non autorisées de la documentation comprise dans ce courriel est strictement interdite.
________________________________
This email may contain confidential and/or privileged information. If you are not the intended recipient (or have received this email in error) please notify the sender immediately and destroy this email. Any unauthorized copying, disclosure or distribution of the material in this email is strictly forbidden.
________________________________
Ce courriel pourrait contenir des renseignements confidentiels ou protégés. Si vous n'êtes pas le destinataire prévu (ou si vous avez reçu ce courriel par erreur), veuillez en informer l'expéditeur sans tarder et détruire ce courriel. Toute reproduction, divulgation ou diffusion non autorisées de la documentation comprise dans ce courriel est strictement interdite.
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2014-01-13