cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: connect failed

From: Jill Tovey <jill.tovey_at_bigbluedoor.com>
Date: 08 Apr 2003 12:05:36 +0100

On Tue, 2003-04-08 at 11:43, Daniel Stenberg wrote:
> On Tue, 8 Apr 2003, Jill wrote:
>
> > > What happens if you try 'telnet 127.0.0.1 2525' ?
>
> > telnet: Unable to connect to remote host: Connection refused
>
> Right, so there's no mystery why curl failed. You don't have anything
> listening on that port.
>
> > okay I am now trying to connect it to port 80 (!) and getting this
> > error:
> > curl: (35) SSL: error:140770FC:SSL
> > routines:SSL23_GET_SERVER_HELLO:unknown protocol
>
> Isn't that because you try to speak https:// with the http:// server?
>
I'm not quite sure what you mean, but I get the same error with the http
address.

If I disable ssl though, I get an access forbidden message:
"You don't have permission to access /index.cgion this server"

> > I have tried forcing usage of SSLv2, v1, TLSv1 and HTTP 1.0, but get the
> > same error.
> >
> > using the command
> > curl http://localhost:80
> > is fine
>
> Fine? You said above that it displays an error message.

Using the command "curl http://localhost:80" its fine,
however, connecting to the sensor on port 80 gives the error message
(http://localhost/snortagent/sensor.php /
https://localhost/snortagent/sensor.php)
>
> > The command
> > curl https://localhost/snortagent/sensor.php
> > gives this error:
> > curl: (35) SSL: error:14090086:SSL
> > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>
> Right, because the client can't verify the server:
> http://curl.haxx.se/docs/sslcerts.html
>
> > however, if i try
> > curl -k https://localhost/snortagent/sensor.php
> >
> > it brings back this:
> >
> > <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> > <HTML><HEAD>
> > <TITLE>404 Not Found</TITLE>
> > </HEAD><BODY>
> > <H1>Not Found</H1>
> > The requested URL /snortagent/sensor.php was not found on this
> > server.<P>
> > <HR>
> > <ADDRESS>Apache-AdvancedExtranetServer/1.3.26 Server at jill.mandrake
> > Port 443</ADDRESS>
> > </BODY></HTML>
>
> Now you're getting somewhere. Now curl works fine and gets info from your web
> server (using an insecure ssl connection, but it works). Now figure out what
> the correct URL is or other problems by checking the web server logs etc.
>
> > but the page is there if i view it in the browser.
>
> You're in charge of your web server so you should check out why you hand out
> different responses to different user-agents. Seems a very strange thing to
> do in my view.
>
quite. i have no idea why it is doing this.

The last ssl-error_log says this:

[Tue Apr 8 11:20:14 2003] [error] mod_ssl: SSL handshake failed (server
jill.mandrake:443, client 127.0.0.1) (OpenSSL library error follows)
[Tue Apr 8 11:20:14 2003] [error] OpenSSL: error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certificate [Hint: Subject CN
in certificate not server name or identical to CA!?]

> --
> Daniel Stenberg -- curl, cURL, Curl, CURL. Groks URLs.
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: ValueWeb:
> Dedicated Hosting for just $79/mo with 500 GB of bandwidth!
> No other company gives more support or power for your dedicated server
> http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/

-------------------------------------------------------
This SF.net email is sponsored by: ValueWeb:
Dedicated Hosting for just $79/mo with 500 GB of bandwidth!
No other company gives more support or power for your dedicated server
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/
Received on 2003-04-08