Curl error 35 encountered end of file

I have this code: ... $bucket_obj = $bucket->object($img_file); if ($bucket_obj && $bucket_obj->exists()) { $cloud_image = $bucket_obj->downloadAsString([ 'retries' => 0...
* Rebuilt URL to: https://storage.googleapis.com/
*   Trying 2a00:1450:4009:808::2010...
* Connected to storage.googleapis.com (2a00:1450:4009:808::2010) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* ALPN, server accepted to use h2
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*   subject: CN=*.storage.googleapis.com,O=Google Inc,L=Mountain View,ST=California,C=US
*   start date: Aug 06 18:27:35 2016 GMT
*   expire date: Oct 27 17:58:00 2016 GMT
*   common name: *.storage.googleapis.com
*   issuer: CN=Google Internet Authority G2,O=Google Inc,C=US
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* TCP_NODELAY set
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x5580c2792cb0)
> GET / HTTP/1.1
> Host: storage.googleapis.com
> User-Agent: curl/7.47.1
> Accept: */*
> 
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2.0 400
< x-guploader-uploadid:AEnB2UqRnqLD1wEJzUR4gWkz45wJha5BruDG0kx37DwTYxmCmsSAalfC7zIujlWUekP76WIJpmP4CYVthTjOO1x7BsiNiUxG2kEawUpKBDn0xU1B9DQIn4I
< content-type:application/xml; charset=UTF-8
< content-length:181
< date:Tue, 09 Aug 2016 13:33:56 GMT
< expires:Tue, 09 Aug 2016 13:33:56 GMT
< cache-control:private, max-age=0
< server:UploadServer
< alternate-protocol:443:quic
< alt-svc:quic=":443"; ma=2592000; v="36,35,34,33,32,31,30"
< 
* Connection #0 to host storage.googleapis.com left intact
<?xml version='1.0' encoding='UTF-8'?><Error><Code>MissingSecurityHeader</Code><Message>Your request was missing a required header.</Message><Details>Authorization</Details></Error>
Источник

I am trying to make a cURL request in PHP to a URL. Whatever I try I always get a cURL errno 35 (for a specific URI). The curl documentation has the following to say:

You really want the error buffer and read the message there as it pinpoints the problem slightly more. Could be certificates (file formats, paths, permissions), passwords, and others.

However when trying to capture this information nothing seems to be returned.

$client = curl_init('https://dev.kelunik.com/css/all.min.css')

$log = fopen('/srv/www/Requestable/data/curl-log.txt', 'a+');

curl_setopt($client, CURLOPT_VERBOSE, 1);
curl_setopt($client, CURLOPT_STDERR, $log);
curl_setopt($client, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($client, CURLOPT_SSL_VERIFYHOST, 2)
curl_setopt($client, CURLOPT_CAINFO, __DIR__ . '/../../../../data/default.pem');
curl_setopt($client, CURLOPT_FAILONERROR, false);
curl_setopt($client, CURLOPT_RETURNTRANSFER, true);
curl_setopt($client, CURLOPT_HEADER, true);
curl_setopt($client, CURLINFO_HEADER_OUT, true);
curl_setopt($client, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($client, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($client, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);

if (!$response = curl_exec($client)) {
    throw new CurlException('Making request failed: ' . curl_error($client) . '(' . curl_errno($client) . ')');
}

fclose($log);

The above code always throws the CurlException with errno 35, however the defined log file stays empty.

When trying a different URI (with a certificate from the same CA) it just works ™. I also checked my root CA bundle which is fairly up2date:

Certificate data from Mozilla downloaded on: Wed Sep 3 03:12:03 2014

What else can I check to find out what in specific is causing the error?

Note: the URI can be requested both from a browser as well as from my local dev environment just fine

Note 2: I also tried it without manually setting a custom CA root bundle which resulted in the same error.

OpenSSL version:

Installed Packages
Name        : openssl
Arch        : x86_64
Version     : 1.0.1e
Release     : 30.el6_6.5

cURL version:

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

Источник

Исправить не удалось выполнить ваш запрос, поскольку модуль формата файла не может проанализировать файл

Когда я использую команду curl для проверки порта 443, возникает эта проблема.

[[email protected] certs]# curl --verbose https://www.google.com * About to connect() to www.google.com port 443 (#0) * Trying 172.xxx.xxx.xxx... * Connected to www.google.com (172.xxx.xxx.xxx) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -5938 (PR_END_OF_FILE_ERROR) * Encountered end of file * Closing connection 0 curl: (35) Encountered end of file [[email protected] certs]# telnet 172.xxx.xxx.xxx 443 Trying 172.xxx.xxx.xxx... Connected to 172.xxx.xxx.xxx.

Я думаю, что версия curl в порядке. (локон 7.29.0)

В этой ОШИБКЕ нет CApath. Следует ли мне выполнить эту команду?

export CURL_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt

Я хочу знать, почему возникла эта проблема и как ее решить.

Спасибо, что помогли мне.

  • Это ошибка NSS, показанная очень старой версией curl. Я предполагаю, что вам нужно сказать curl, чтобы он использовал TLS 1.2 или что-то в этом роде.
  • @ DanielStenberg + основной сайт Google довольно либерален и принимает TLS1.0 и даже отсутствие SNI, по крайней мере, экземпляры, которые я получаю (172.217.9.228, 172.217.11.4, 172.217.12.164). Этот завиток старый, но моя самая старая тестовая система (CentOS6) имеет libcurl / 7.19.7 NSS / 3.19.1, и она нормально работает в Google. Подозреваю мидлбокс. ОП: как эта система подключена к Интернету, и можете ли вы использовать другое соединение (например, кафе, библиотеку или мобильный телефон), и если да, то отличается ли результат? И / или посмотрите на traceroute, хотя некоторые вещи в нем не видны.

Tweet

Share

Link

Plus

Send

Send

Pin

Источник

PHP passes curl POST data to HTTPS, the same code, with no problems on the first server. It has been unsuccessful on the second server.
Turn on debug Mode and you find the following log.
code:
————————————————————-
Try {
# 1. The init curl
$ch = curl_init ();

# 2. Set the option
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postFields);

if ($headerFields! = NULL){
curl_setopt($ch, CURLOPT_HTTPHEADER, $headerFields);
}

curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt ($ch, CURLOPT_SSLCERT, self: : CLIENT_CRT);
Curl_setopt ($ch, CURLOPT_SSLKEY, self: : CLIENT_KEY);
Curl_setopt ($ch, CURLOPT_VERBOSE, 1); #debug mode
Curl_setopt ($ch, CURLOPT_STDERR, fopen (“/TMP/curl_ssl. Log “, “w +”)); #debug mode, print log to:/TMP/curl_SSL.log

# 3.execute curl and get response
$result = curl_exec($ch);
Log::info(” info: HttpMethod:: http_post-get Result:”.$Result);

$rlt_array = json_decode($result, true);
$rsp_array = curl_getinfo ($ch);
Log: : info ($rsp_array);

# 4. Release the curl
curl_close ($ch);
} catch (Exception $e) {
Log: : info ($e);
}
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — –

/tmp/curl_ssl.log:
————————————————————-

* About to connect() to 180.101.147.89 Port8743 (#1)
* Trying 180.101.147.89…
* Connected to 180.101.147.89(180.101.147.89) Port 8743 (#1)
* NSS error -5938(PR_END_OF_FILE_ERROR)
* Encountered end of file
* Closing connection 1
————————————————————-
Found an error calling HTTPS with the curl command:
————————————————————-

[[email protected] ~]# curl https://*.*.*.*
curl: (35) Encountered end of file
————————————————————-
Reason: You need to force the SSL version. Such as:
-2, –sslv2 Use sslv2 (SSL)
-3, Sslv3 Use sslv3 (SSL)
–ssl-allow-beast allow security arrest to improve interop (SSL)
–stderr FILE Where to redirect stderr.-means stdout
–tcp-nodelay Use the ctod TCP_NODELAY option
-t, –telnet-option OPT=VAL Set Telnet option
–tftp-blksize VALUE Set TFTP blksize option (must be > 512)
-z, –time-cond time Transfer based on a time condition
-1, –tlsv1 Use => TLSv1 (SSL)
– tlsv1.0 Use tlsv1.0 (SSL)
– tlsv1.1 Use tlsv1.1 (SSL)
– tlsv1.2 Use tlsv1.2 (SSL)

Add parameters — TLSV1 solves the problem:
[[email protected] conf.d]# curl –tlsv1 https://*.*.*.*
curl: (60) Peer’s certificate issuer hasbeen marked as not trusted by the user.
More details here: http://curl.haxx.se/docs/sslcerts.html

Reference: http://php.net/manual/en/function.curl-setopt.php
Select the SSL version you want:

CURLOPT_SSLVERSION One Of CURL_SSLVERSION_DEFAULT (0), curl_ssl1 (1), curl_sslv2 (2), curl_sslv3 (3), CURL_SSLVERSION_TLSv1_0 (4), CURL_SSLVERSION_TLSv1_1 or (5) CURL_SSLVERSION_TLSv1_2 (6).
Since tlSV1 is used here, the following sentence is added to code to solve the problem:
curl_setopt($ch, CURLOPT_SSLVERSION, 1);

Read More:

  • Fatal error C1010: unexpected end of file encountered while looking for precompiled header. Did you forget to add “ා include” StdAfx. H to the source
  • XML file should have root tag (extra content at the end of the document in file error)
  • Nginx front end and back end separation + service cluster reverse proxy
  • The back end cannot receive the parameters passed by the front end
  • Solve syntax error: unexpected end of file or /bin/bash^m: bad interpeneter: no match file or directory
  • Syntax error: unexpected end of file problem [two solutions]
  • curl https://domasin NSS error – 12286
  • RCurl error-fatal error: curl/curl.h: No such file or directory
  • error Newline required at end of file but not found eol-last
  • Eo ferror: compressed file ended before the end of stream marker was reached
  • [!] Invalid `Podfile` file: syntax error, unexpected end-of-input, expecting keyword_end.
  • Parse error: syntax error, unexpected end of file in XXXXXXXX
  • Record a front end error net:: err_ HTTP2_ PROTOCOL_ ERROR 200
  • SFTP login error: fatal error: received unexpected end of file from SFTP server
  • Pits encountered during installation of vs2017
  • Solve the problem of syntax error: unexpected end of file or syntax error near unexpected token ` fi ‘error
  • Start rqt_ Graph, prompt / opt / ROS / melody / share / PR2_ motor_ diagnostic_ Under tool plugin.xml There is something wrong with the file
  • Solve the unexpected end of stream exception thrown by jedis
  • Failed connect to github.com:443 ; no error and the remote end hung up unexpectedly
  • PHP function file_ get_ Contents() reports an error when using HTTPS protocol: SSL operation failed
Источник

Доброго времени суток,
Имею нового бота в телеграме. Не могу заставить сервер отправлять сообщения от его имени.
Дано:
Centos 7
curl 7.59.0
обновленный nss
При попытке отправить сообщение вот так из консоли

curl --header 'Content-Type: application/json' --request 'POST' --data '{"chat_id":"2367*****","text":"test message here"}' "https://api.telegram.org/bot598******:AAFx8OAg8dj184XBTldynqezf64trbOQ/sendMessage"

В ответ получаю вот такю штуку.

curl --header 'Content-Type: application/json' --request 'POST' --data '{"chat_id":"2367*****","text":"test message"}' "https://api.telegram.org/bot598******:AAFx8OAg8dj184XBTldynqezf64trbOQ/sendMessage" -vv
Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 149.154.167.220...
* TCP_NODELAY set
* Connected to api.telegram.org (149.154.167.220) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: none
  CApath: none
* loaded libnssckbi.so
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* stopped the pause stream!
* Closing connection 0
curl: (35) Encountered end of file

Даже при простом обращении курлом к этому сайту без данных вывваливается эта же ошибка.
При том если сделать такой же запрос к гуглу, проблеммы нет.

При отправке сообщения через браузер с теми же токенами, чат ид , Все проходит успешно.
Как это поправить ?)

Источник

First, search the avaliable java version:

[root@izbp19pke6x0v6ruecuy1yz ~]# sdk list java
================================================================================
Available Java Versions
================================================================================
 Vendor        | Use | Version      | Dist    | Status     | Identifier
--------------------------------------------------------------------------------
 AdoptOpenJDK  |     | 16.0.1.j9    | adpt    |            | 16.0.1.j9-adpt      
               |     | 16.0.1.hs    | adpt    |            | 16.0.1.hs-adpt      
               |     | 11.0.11.j9   | adpt    |            | 11.0.11.j9-adpt     
               |     | 11.0.11.hs   | adpt    |            | 11.0.11.hs-adpt     
               |     | 8.0.292.j9   | adpt    |            | 8.0.292.j9-adpt     
               |     | 8.0.292.hs   | adpt    |            | 8.0.292.hs-adpt     
 Alibaba       |     | 11.0.9.4     | albba   |            | 11.0.9.4-albba      
               |     | 8.5.5        | albba   |            | 8.5.5-albba         
 Amazon        |     | 16.0.1.9.1   | amzn    |            | 16.0.1.9.1-amzn     
               |     | 11.0.11.9.1  | amzn    |            | 11.0.11.9.1-amzn    
               |     | 8.292.10.1   | amzn    |            | 8.292.10.1-amzn     
 Azul Zulu     |     | 16.0.1       | zulu    |            | 16.0.1-zulu         
               |     | 16.0.1.fx    | zulu    |            | 16.0.1.fx-zulu      
               |     | 11.0.11      | zulu    |            | 11.0.11-zulu        
               |     | 11.0.11.fx   | zulu    |            | 11.0.11.fx-zulu     
               |     | 8.0.292      | zulu    |            | 8.0.292-zulu        
               |     | 8.0.292.fx   | zulu    |            | 8.0.292.fx-zulu     
               |     | 7.0.302      | zulu    |            | 7.0.302-zulu        
               |     | 6.0.119      | zulu    |            | 6.0.119-zulu        
 BellSoft      |     | 16.0.1.fx    | librca  |            | 16.0.1.fx-librca    
               |     | 16.0.1       | librca  |            | 16.0.1-librca       
               |     | 11.0.11.fx   | librca  |            | 11.0.11.fx-librca   
               |     | 11.0.11      | librca  |            | 11.0.11-librca      
               |     | 8.0.292.fx   | librca  |            | 8.0.292.fx-librca   
               |     | 8.0.292      | librca  |            | 8.0.292-librca      
 GraalVM       |     | 21.1.0.r16   | grl     |            | 21.1.0.r16-grl      
               |     | 21.1.0.r11   | grl     |            | 21.1.0.r11-grl      
               |     | 21.1.0.r8    | grl     |            | 21.1.0.r8-grl       
               |     | 21.0.0.2.r11 | grl     |            | 21.0.0.2.r11-grl    
               |     | 21.0.0.2.r8  | grl     |            | 21.0.0.2.r8-grl     
               |     | 20.3.2.r11   | grl     |            | 20.3.2.r11-grl      
               |     | 20.3.2.r8    | grl     |            | 20.3.2.r8-grl       
               |     | 20.3.1.2.r11 | grl     |            | 20.3.1.2.r11-grl    
               |     | 20.3.1.2.r8  | grl     |            | 20.3.1.2.r8-grl     
               |     | 19.3.6.r11   | grl     |            | 19.3.6.r11-grl      
               |     | 19.3.6.r8    | grl     |            | 19.3.6.r8-grl       
               |     | 19.3.5.r11   | grl     |            | 19.3.5.r11-grl      
               |     | 19.3.5.r8    | grl     |            | 19.3.5.r8-grl       
 Java.net      |     | 18.ea.4      | open    |            | 18.ea.4-open        
               |     | 18.ea.3      | open    |            | 18.ea.3-open        
               |     | 18.ea.2      | open    |            | 18.ea.2-open        
               |     | 18.ea.1      | open    |            | 18.ea.1-open        
               |     | 17.ea.29     | open    |            | 17.ea.29-open       
               |     | 17.ea.28     | open    |            | 17.ea.28-open       
               |     | 17.ea.27     | open    |            | 17.ea.27-open       
               |     | 17.ea.26     | open    |            | 17.ea.26-open       
               |     | 17.ea.25     | open    |            | 17.ea.25-open       
               |     | 17.ea.7.lm   | open    |            | 17.ea.7.lm-open     
               |     | 17.ea.3.pma  | open    |            | 17.ea.3.pma-open    
               |     | 16.0.1       | open    |            | 16.0.1-open         
               |     | 11.0.11      | open    |            | 11.0.11-open        
               |     | 11.0.10      | open    |            | 11.0.10-open        
               |     | 11.0.2       | open    |            | 11.0.2-open         
               |     | 8.0.292      | open    |            | 8.0.292-open        
               |     | 8.0.282      | open    |            | 8.0.282-open        
               |     | 8.0.265      | open    |            | 8.0.265-open        
 Mandrel       |     | 21.1.0.0     | mandrel |            | 21.1.0.0-mandrel    
               |     | 20.3.2.0     | mandrel |            | 20.3.2.0-mandrel    
 Microsoft     |     | 16.0.1.9.1   | ms      |            | 16.0.1.9.1-ms       
               |     | 11.0.11.9.1  | ms      |            | 11.0.11.9.1-ms      
 SAP           |     | 16.0.1       | sapmchn |            | 16.0.1-sapmchn      
               |     | 11.0.11      | sapmchn |            | 11.0.11-sapmchn     
 TravaOpenJDK  |     | 11.0.9       | trava   |            | 11.0.9-trava        
               |     | 8.0.232      | trava   |            | 8.0.232-trava       
================================================================================
Use the Identifier for installation:

    $ sdk install java 11.0.3.hs-adpt
================================================================================

When I am using sdkman to install jdk,shows this error:

[root@izbp19pke6x0v6ruecuy1yz ~]# sdk install java 11.0.11.hs-adpt

Downloading: java 11.0.11.hs-adpt

In progress...

######################################################################## 100.0%
curl: (35) Encountered end of file
Download has failed, aborting!

Can not install java 11.0.11.hs-adpt at this time...

what should I do to fix it? This is my sdkman version:

[root@izbp19pke6x0v6ruecuy1yz ~]# sdk version

SDKMAN 5.11.6

Now I am enable the debbug mode, seems could not access the github.com:

[root@izbp19pke6x0v6ruecuy1yz etc]# sdk install java 11.0.11.hs-adpt
Validate java 11.0.11.hs-adpt for linuxx64: valid
Validation URL: https://api.sdkman.io/2/candidates/validate/java/11.0.11.hs-adpt/linuxx64
Get pre-installation hook: https://api.sdkman.io/2/hooks/pre/java/11.0.11.hs-adpt/linuxx64
Copy remote pre-installation hook: /root/.sdkman/tmp/hook_pre_java_11.0.11.hs-adpt.sh
No Linux pre-install hook found for Java 11.0.11.hs-adpt.
Completed pre-installation hook...

Downloading: java 11.0.11.hs-adpt

In progress...

######################################################################## 100.0%* About to connect() to api.sdkman.io port 443 (#0)
*   Trying 45.55.42.78...
* Connected to api.sdkman.io (45.55.42.78) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
* Server certificate:
*   subject: CN=*.sdkman.io
*   start date: May 30 00:00:00 2020 GMT
*   expire date: Apr 28 23:59:59 2022 GMT
*   common name: *.sdkman.io
*   issuer: CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB
> GET /2/broker/download/java/11.0.11.hs-adpt/linuxx64 HTTP/1.1
> Range: bytes=192792051-
> User-Agent: curl/7.29.0
> Host: api.sdkman.io
> Accept: */*
> 
< HTTP/1.1 302 Found
< Server: nginx/1.19.1
< Date: Fri, 02 Jul 2021 17:48:27 GMT
< Content-Length: 0
< Connection: keep-alive
< location: https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz
< 
* Connection #0 to host api.sdkman.io left intact
* Issue another request to this URL: 'https://github.com/AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz'
* About to connect() to github.com port 443 (#1)
*   Trying 13.229.188.59...
* Connected to github.com (13.229.188.59) port 443 (#1)
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*   subject: CN=github.com,O="GitHub, Inc.",L=San Francisco,ST=California,C=US
*   start date: Mar 25 00:00:00 2021 GMT
*   expire date: Mar 30 23:59:59 2022 GMT
*   common name: github.com
*   issuer: CN=DigiCert High Assurance TLS Hybrid ECC SHA256 2020 CA1,O="DigiCert, Inc.",C=US
> GET /AdoptOpenJDK/openjdk11-binaries/releases/download/jdk-11.0.11%2B9/OpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz HTTP/1.1
> Range: bytes=192792051-
> User-Agent: curl/7.29.0
> Host: github.com
> Accept: */*
> 
< HTTP/1.1 302 Found
< Server: GitHub.com
< Date: Fri, 02 Jul 2021 17:48:28 GMT
< Content-Type: text/html; charset=utf-8
< Vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
< permissions-policy: interest-cohort=()
< Location: https://github-releases.githubusercontent.com/140419044/0d0a0080-a2e2-11eb-8f2c-cb3987bd2660?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210702T174828Z&X-Amz-Expires=300&X-Amz-Signature=7ba2f58dd3d95397a7ff5e8f1de59e68b455c3f5da3d39ea3923be5f3bfc92db&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=140419044&response-content-disposition=attachment%3B%20filename%3DOpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz&response-content-type=application%2Foctet-stream
< Cache-Control: no-cache
< Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
< X-Frame-Options: deny
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 0
< Referrer-Policy: no-referrer-when-downgrade
< Expect-CT: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
< Content-Security-Policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events translator.github.com wss://alive.github.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com online.visualstudio.com/api/v1/locations insights.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com render-temp.githubusercontent.com viewscreen.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com secured-user-images.githubusercontent.com/ *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker-3f088aa2.js gist.github.com/socket-worker-3f088aa2.js
< Content-Length: 657
< X-GitHub-Request-Id: D622:5D0B:250BE1:26E4E6:60DF516B
< 
* Ignoring the response-body
{ [data not shown]
######################################################################## 100.0%* Connection #1 to host github.com left intact
* Issue another request to this URL: 'https://github-releases.githubusercontent.com/140419044/0d0a0080-a2e2-11eb-8f2c-cb3987bd2660?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210702T174828Z&X-Amz-Expires=300&X-Amz-Signature=7ba2f58dd3d95397a7ff5e8f1de59e68b455c3f5da3d39ea3923be5f3bfc92db&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=140419044&response-content-disposition=attachment%3B%20filename%3DOpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz&response-content-type=application%2Foctet-stream'
######################################################################## 100.0%* About to connect() to github-releases.githubusercontent.com port 443 (#2)
*   Trying 185.199.108.154...
* Connected to github-releases.githubusercontent.com (185.199.108.154) port 443 (#2)
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*   subject: CN=www.github.com,O="GitHub, Inc.",L=San Francisco,ST=California,C=US
*   start date: May 06 00:00:00 2020 GMT
*   expire date: Apr 14 12:00:00 2022 GMT
*   common name: www.github.com
*   issuer: CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /140419044/0d0a0080-a2e2-11eb-8f2c-cb3987bd2660?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210702%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210702T174828Z&X-Amz-Expires=300&X-Amz-Signature=7ba2f58dd3d95397a7ff5e8f1de59e68b455c3f5da3d39ea3923be5f3bfc92db&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=140419044&response-content-disposition=attachment%3B%20filename%3DOpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz&response-content-type=application%2Foctet-stream HTTP/1.1
> Range: bytes=192792051-
> User-Agent: curl/7.29.0
> Host: github-releases.githubusercontent.com
> Accept: */*
> 
< HTTP/1.1 416 Range Not Satisfiable
< Connection: keep-alive
< Content-Length: 0
< x-amz-id-2: KwKxHMi3ygBv4f7jJzhbtztvmPi/8myDw2pEs8dqR2YOT0oqmbC1Je0h724+2d+5fmMOic1PZ6s=
< x-amz-request-id: 3FX5VJS2YEGWZ7Z9
< Last-Modified: Wed, 21 Apr 2021 19:42:24 GMT
< ETag: "0809655a9965bcd6d3eefd4b918c07c6"
< Content-Disposition: attachment; filename=OpenJDK11U-jdk_x64_linux_hotspot_11.0.11_9.tar.gz
< Content-Type: application/octet-stream
< Server: AmazonS3
< Via: 1.1 varnish, 1.1 varnish
< Accept-Ranges: bytes
< Age: 0
< Content-Range: bytes */192792051
< Date: Fri, 02 Jul 2021 17:48:29 GMT
< X-Served-By: cache-dca12929-DCA, cache-nrt18321-NRT
< X-Cache: MISS, MISS
< X-Cache-Hits: 0, 0
< Strict-Transport-Security: max-age=31536000
< X-Fastly-Request-ID: 4265a81244b61078f139b612fb946a2fd90210c8
< 
* Connection #2 to host github-releases.githubusercontent.com left intact

Downloaded binary to: /root/.sdkman/tmp/java-11.0.11.hs-adpt.bin
Get post-installation hook: https://api.sdkman.io/2/hooks/post/java/11.0.11.hs-adpt/linuxx64
Copy remote post-installation hook: /root/.sdkman/tmp/hook_post_java_11.0.11.hs-adpt.sh
A Linux post-install hook was found for Java 11.0.11.hs-adpt.
Download has failed, aborting!

Can not install java 11.0.11.hs-adpt at this time...

Источник

When I try to Curl a SSL page on my ubuntu 12.04 TLS server, it won’t work:

not ssl page:

$ curl https://evernote.com/ -vv
[the entire webpage]

ssl page:

$ curl https://evernote.com/ -vv
* About to connect() to evernote.com port 443 (#0)
*   Trying 204.154.94.73... connected
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to evernote.com:443 
* Closing connection #0
curl: (35) Unknown SSL protocol error in connection to evernote.com:443

This does work on my own machine (OS X).

When I try it via openSSL:

$ openssl s_client -connect evernote.com:433
connect: Connection timed out
connect:errno=110

openSSL version:

$ openssl version
OpenSSL 1.0.1c 10 May 2012

asked Sep 12, 2012 at 13:23

askmike's user avatar

1

You seem to have a typo.

$ openssl s_client -connect evernote.com:433

Port 433 is not open on the remote host, which is why you got error 110 (Connection refused).

Try using port 443 (the standard HTTPS port) instead.

As for curl, I can replicate the problem when using evernote.com, but www.evernote.com works properly (though it sends a 302 redirect to https://evernote.com/.

$ curl https://evernote.com/ -vv
* About to connect() to evernote.com port 443 (#0)
*   Trying 204.154.94.73...
* connected
* Connected to evernote.com (204.154.94.73) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -5938 (PR_END_OF_FILE_ERROR)
* Encountered end of file
* Closing connection #0
curl: (35) Encountered end of file

This means that the server killed the connection. For whatever reason it really doesn’t want to talk to us.

This is probably not something that you can fix.

answered Sep 12, 2012 at 13:29

Michael Hampton's user avatar

Michael HamptonMichael Hampton

240k42 gold badges488 silver badges954 bronze badges

3

Had very similar problem — there was an issue in protocol negotiation, which probably led to some miscommunication with the crypto provider (OpenSSL libs). Try setting the secure protocol explicitly, e.g.:

curl --sslv3 # OR
curl --sslv2 # OR
curl --tlsv1

answered Apr 7, 2013 at 12:56

Martin Cizek's user avatar

Источник

Понравилась статья? Поделить с друзьями:

Читайте также:

  • Curl error 28 operation timed out after 2001 milliseconds with 0 bytes received
  • Curl error 28 operation timed out after 120000 milliseconds with
  • Curl error 28 connection timed out after 5001 milliseconds
  • Curl error 28 connection timed out after 20000 milliseconds
  • Curl error 28 connect timed out

    • 0 0 голоса
    Рейтинг статьи
    Подписаться
    Уведомить о
    guest

    0 комментариев
    Старые
    Новые Популярные
    Межтекстовые Отзывы
    Посмотреть все комментарии