Re: curl SSL error on upload
Date: Tue, 10 Dec 2019 18:04:09 -0600
On 2019-12-10 13:01, Perrin, Brandon S via curl-users wrote:
>
> One of the servers that we connect to recently updated their FTPS
> server and after the upgrade we have started seeing errors on upload
> to the server.
>
> We can still make a connection successfully however the upload fails
> with :
>
> NSS error -5938
>
> % Total % Received % Xferd Average Speed Time Time
> Time Current
>
> Dload Upload Total Spent Left
> Speed
>
> 0 0 0 0 0 0 0 0 --:--:-- --:--:--
> --:--:-- 0* Closing connection #0
>
> * SSL connect error
>
> The command we use is :
>
> curl -v --ftp-ssl -1 -k --user userid:password
> "ftp://server.com:20000/directory/test.txt" -T "test.txt"
>
> Full log is below, looking for any others who may have experienced
> this and have suggestions for flags that could possibly be set to
> address this
>
> * About to connect() to server.com port 20000 (#0)
>
> * Trying xxx.xxx.xxx.xxx... connected
>
> * Connected to server.com (xxx.xxx.xxx.xxx) port 20000 (#0)
>
> < 220-FileZilla Server 0.9.60 beta
>
> 220-written by Tim Kosse (Tim.Kosse_at_gmx.de)
>
> < 220 Please visit https://filezilla-project.org/
>
> > AUTH SSL
>
> < 234 Using authentication type TLS
>
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>
> * warning: ignoring value of ssl.verifyhost
>
> * skipping SSL peer certificate verification
>
> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>
> * Server certificate:
>
> * subject: E=blahblahblah_at_me.com,OU=Audit,O=ACME
> Corp,L=Yahoo,ST=New York,C=US,CN=server.com
>
> * start date: Dec 09 16:35:57 2019 GMT
>
> * expire date: Dec 08 16:35:57 2020 GMT
>
> * common name: server.com
>
> * issuer: E=blahblahblah_at_me.com,OU=Audit,O=ACME
> Corp,L=Yahoo,ST=New York,C=US,CN=server.com
>
> > USER userid
>
> < 331 Password required for userid
>
> > PASS password
>
> < 230 Logged on
>
> > PBSZ 0
>
> < 200 PBSZ=0
>
> > PROT P
>
> < 200 Protection level set to P
>
> > PWD
>
> < 257 "/" is current directory.
>
> * Entry path is '/'
>
> > CWD Concur
>
> < 250 CWD successful. "/Concur" is current directory.
>
> > EPSV
>
> * Connect data stream passively
>
> < 229 Entering Extended Passive Mode (|||20009|)
>
> * Trying xxx.xxx.xxx.xxx... connected
>
> * Connecting to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) port 20009
>
> > TYPE I
>
> < 200 Type set to I
>
> > STOR Cash_Mgt_test.txt
>
> < 150 Opening data channel for file upload to server of
> "/Concur/Cash_Mgt_test.txt"
>
> * Doing the SSL/TLS handshake on the data stream
>
> * warning: ignoring value of ssl.verifyhost
>
> * skipping SSL peer certificate verification
>
> * NSS error -5938
>
> % Total % Received % Xferd Average Speed Time Time
> Time Current
>
> Dload Upload Total Spent Left
> Speed
>
> 0 0 0 0 0 0 0 0 --:--:-- --:--:--
> --:--:-- 0* Closing connection #0
>
> * SSL connect error
>
> curl: (35) SSL connect error
>
>
> -----------------------------------------------------------
> Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
> Etiquette: https://curl.haxx.se/mail/etiquette.html
Are you intentionally using -k (insecure). Odds are they are requiring
SSL/TLS encryption
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-12-11