Re: curl with tlsv1.2
Date: Thu, 11 Jul 2019 10:26:25 +0530
Hi Ray & Jan ,
Thanks for your replies.
Ray, one of the file is being uploaded to destination using this method.
later in searching below error of
"SSLv2, Unknown (23):"
I see that there is an issue with the curl 7.36 (the version i used ) n
with respect to ssl, Now i tool latest curl 7.65.1 compiled with
openssl-1.0.2r .
Below is the invocation , still i see some issue like " ALPN, server did
not agree to a protocol" . Below is the logtrace of the same.
cat ntest-1000v.5.2.1.VSG2.2.2.disk1.vmdk | /home/admin/curl/bin/curl
--tlsv1.2 -T - --fail -v --insecure --request POST --header "Connection:
Keep-Alive" --header "Content-Type: application/x-vnd.vmware-streamVmdk"
https://10.126.129.101/nfc/522532fc-0ff3-caac-49c9-082aee06a407/disk-0.vmdk
* Trying 10.126.129.101:443...
* TCP_NODELAY set
* Connected to 10.126.129.101 (10.126.129.101) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection:
ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=California; L=Palo Alto; O=VMware; OU=VMware
Engineering; CN=10.126.129.101; emailAddress=vmca_at_vmware.com
* start date: Jun 11 07:43:54 2019 GMT
* expire date: Jun 10 07:43:54 2024 GMT
* issuer: CN=CA; DC=vsphere; DC=local; C=US; ST=California;
O=localhost.localdom; OU=VMware
* SSL certificate verify result: self signed certificate in certificate
chain (19), continuing anyway.
> POST /nfc/522532fc-0ff3-caac-49c9-082aee06a407/disk-0.vmdk HTTP/1.1
> Host: 10.126.129.101
> User-Agent: curl/7.65.1
> Accept: */*
> Transfer-Encoding: chunked
> Connection: Keep-Alive
> Content-Type: application/x-vnd.vmware-streamVmdk
> Expect: 100-continue
>
* Mark bundle as not supporting multiuse
* The requested URL returned error: 404 Not Found
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (22) The requested URL returned error: 404 Not Found
Can we know what am i missing here?.
On Thu, Jul 11, 2019 at 8:45 AM Ray Satiro via curl-users <
curl-users_at_cool.haxx.se> wrote:
> On 7/8/2019 10:50 PM, ramakanth varala via curl-users wrote:
>
> I am trying to access URL with https , which is enabled with TLSv1.2 .
>
> I see that the request using curl and it's getting declined from the
> server end.
>
> Below is the curl command and the response i get.
>
> =======================================================
> [root_at_localhost download]# cat
> /opt/abc/download/nexus-1000v.5.2.1.ABCD2.2.2.disk1.vmdk |
> /home/admin/curl-7.36/bin/curl --tlsv1.2 -T - --fail -v --insecure
> --request POST --header "Connection: Keep-Alive" --header "Content-Type:
> application/x-vnd.vmware-streamVmdk"
> https://10.126.129.101/nfc/522532fc-0ff3-caac-49c9-082aee06a407/disk-0.vmdk
> * Hostname was NOT found in DNS cache
> * ?? Trying 10.126.129.101...
> * Connected to 10.126.129.101 (10.126.129.101) port 443 (#0)
> * successfully set certificate verify locations:
> * ?? CAfile: /etc/pki/tls/certs/ca-bundle.crt
> ?? CApath: none
> * SSLv3, TLS Unknown, Unknown (22):
> * SSLv3, TLS handshake, Client hello (1):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Server hello (2):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, CERT (11):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Server key exchange (12):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Server finished (14):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Client key exchange (16):
> * SSLv2, Unknown (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Finished (20):
> * SSLv2, Unknown (20):
> * SSLv3, TLS change cipher, Client hello (1):
> * SSLv2, Unknown (22):
> * SSLv3, TLS handshake, Finished (20):
> * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
> * Server certificate:
> * ?? ?? ?? ??subject: C=US; ST=California; L=Palo Alto; O=VMware;
> OU=VMware Engineering; CN=10.126.129.101; emailAddress=vmca_at_vmware.com
> * ?? ?? ?? ??start date: 2019-06-11 07:43:54 GMT
> * ?? ?? ?? ??expire date: 2024-06-10 07:43:54 GMT
> * ?? ?? ?? ??issuer: CN=CA; DC=vsphere; DC=local; C=US; ST=California;
> O=localhost.localdom; OU=VMware
> * ?? ?? ?? ??SSL certificate verify result: self signed certificate in
> certificate chain (19), continuing anyway.
> * SSLv2, Unknown (23):
> > POST /nfc/522532fc-0ff3-caac-49c9-082aee06a407/disk-0.vmdk HTTP/1.1
> > User-Agent: curl/7.36.0
> > Host: 10.126.129.101
> > Accept: */*
> > Transfer-Encoding: chunked
> > Connection: Keep-Alive
> > Content-Type: application/x-vnd.vmware-streamVmdk
> > Expect: 100-continue
> >
> * SSLv2, Unknown (23):
> * The requested URL returned error: 404 Not Found
> * Closing connection 0
> * SSLv2, Unknown (21):
> * SSLv3, TLS alert, Client hello (1):
> curl: (22) The requested URL returned error: 404 Not Found
> [root_at_localhost download]#
> =======================================================
> Queries?? her are like
>
> 1. How to know on which stage it's getting declined?.
> 2. Is this because of any certificate error?.
>
>
> It looks like you are trying to PUT a file on the server by using -T but
> you're overriding that by using --request POST.
> -----------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
>
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-07-11