Re: Curl won't download file from server that only supports TLS v1.0?
Date: Wed, 10 Jun 2020 19:13:33 +0200
On Wed, Jun 10, 2020 at 10:20:47AM -0400, John Klimek via curl-users wrote:
> https://storage.z-wave.me/z-way-server/z-way-server-Ubuntu-v3.0.6.tgz
>
> ...but I'm getting an error message:
>
> curl: (35) error:1425F102:SSL
> routines:ssl_choose_client_version:unsupported protocol
>
> The website only supports TLS v1.0
> (https://www.ssllabs.com/ssltest/analyze.html?d=storage.z-wave.me)
>
> How can I have curl allow TLS v1.0? I've tried --tlsv1.0 and
> --tls-max 1.0 but it doesn't work.
>
> root_at_f5b0094d2066:/etc/ssl# curl -V
> curl 7.68.0 (x86_64-pc-linux-gnu) libcurl/7.68.0 OpenSSL/1.1.1f
> zlib/1.2.11 brotli/1.0.7 libidn2/2.2.0 libpsl/0.21.0 (+libidn2/2.2.0)
> libssh/0.9.3/openssl/zlib nghttp2/1.40.0 librtmp/2.3
I think the cause lies in your OpenSSL, not in curl. Does
"openssl s_client -connect storage.z-wave.me:https" work for you?
If it does not, then either TLSv1.0 was disabled when building the OpenSSL
library ("openssl list -disabled" could provide a hint), or the support is
disabled with a run-time configuration. E.g. Fedora distribution does that in
/etc/crypto-policies/config file.
-- Petr
-----------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-users
Etiquette: https://curl.haxx.se/mail/etiquette.html
- application/pgp-signature attachment: signature.asc