curl / Mailing Lists / curl-users / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Curl won't download file from server that only supports TLS v1.0?

From: Petr Pisar via curl-users <>
Date: Wed, 10 Jun 2020 19:13:33 +0200

On Wed, Jun 10, 2020 at 10:20:47AM -0400, John Klimek via curl-users wrote:
> ...but I'm getting an error message:
> curl: (35) error:1425F102:SSL
> routines:ssl_choose_client_version:unsupported protocol
> The website only supports TLS v1.0
> (
> How can I have curl allow TLS v1.0? I've tried --tlsv1.0 and
> --tls-max 1.0 but it doesn't work.
> root_at_f5b0094d2066:/etc/ssl# curl -V
> curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f
> zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0)
> libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3

I think the cause lies in your OpenSSL, not in curl. Does
"openssl s_client -connect" work for you?

If it does not, then either TLSv1.0 was disabled when building the OpenSSL
library ("openssl list -disabled" could provide a hint), or the support is
disabled with a run-time configuration. E.g. Fedora distribution does that in
/etc/crypto-policies/config file.

-- Petr


Received on 2020-06-10