Download
Browse source Changelog
Documentation
Project   Bug Bounty   Help us   Known bugs   TODO Protocols   CA bundle   HTTP Cookies   HTTP/2   SSL Certs Releases   Security   Version numbers   Vulnerabilities curl tool   man page   Tutorial   HTTP scripting Who and Why
libcurl
ABI API Competitors Examples Features Mailing list Related libs Using libcurl Tutorial Testimonials
Get Help
curl-library curl-users Mailing lists Book: Everything curl Video presentations Report a bug Paid support
Development
Autobuilds Code Style Contribute Deprecate Internals Release Notes Release Procedure Roadmap Run Tests Security Process Specifications Test curl
News
Changelog Release table
curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

From: Ray Satiro via curl-users <curl-users_at_cool.haxx.se>
Date: Tue, 5 May 2020 02:20:11 -0400

On 5/5/2020 1:23 AM, Tobias Sette via curl-users wrote:
>
> Hi Ray. Here is the command with verbose output:
>
> $ curl -vvv --location 'https://www.upward.net/'
> *   Trying 67.227.172.39:443...
> * TCP_NODELAY set
> * Connected to www.upward.net (67.227.172.39) port 443 (#0)
> * ALPN, offering h2
> * ALPN, offering http/1.1
> * successfully set certificate verify locations:
> *   CAfile: /etc/ssl/certs/ca-certificates.crt
>   CApath: /etc/ssl/certs
> * TLSv1.3 (OUT), TLS handshake, Client hello (1):
> * TLSv1.3 (IN), TLS alert, handshake failure (552):
> * error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake
> failure
> * Closing connection 0
> curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert
> handshake failure
>
> $ curl --version
> curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1g
> zlib/1.2.11 brotli/1.0.7 libidn2/2.3.0 libpsl/0.21.0 (+libidn2/2.3.0)
> libssh2/1.8.0 nghttp2/1.40.0 librtmp/2.3
> Release-Date: 2020-01-08
> Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps
> pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
> Features: AsynchDNS brotli GSS-API HTTP2 HTTPS-proxy IDN IPv6 Kerberos
> Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets
>
>
> I think you can't reproduce the error because your Curl version is not
> affected. However, I've tried docker run --rm curlimages/curl:7.68.0
> -L https://www.upward.net/ and it did work, so I think the issue is
> related to curl packaged in Debian.
>
> Finally, I don't have problems with any other known https websites
> (e.g. curl --location 'https://www.google.com' works)
>

Possibly something is interfering with the connection. Use Wireshark and
see if it shows more detail on the handshake failure.

-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-05-05