curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

From: Tobias Sette via curl-users <>
Date: Tue, 5 May 2020 02:23:45 -0300

Hi Ray. Here is the command with verbose output:

$ curl -vvv --location ''
*   Trying
* Connected to ( port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS alert, handshake failure (552):
* error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure
* Closing connection 0
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
handshake failure

$ curl --version
curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1g
zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0)
libssh2/1.8.0 nghttp2/1.40.0 librtmp/2.3
Release-Date: 2020-01-08
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos
Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets

I think you can't reproduce the error because your Curl version is not
affected. However, I've tried docker run --rm curlimages/curl:7.68.0 -L and it did work, so I think the issue is related
to curl packaged in Debian.

Finally, I don't have problems with any other known https websites (e.g.
curl --location '' works)

"If technology does not liberate all people for the pursuit of higher aspirations in human achievement, then all it's technical potential will be meaningless." - Jacque Fresco


Received on 2020-05-05