curl-library
Help about "Unknown SSL protocol error"
Date: Mon, 31 Mar 2008 14:39:44 +0800
Dears,
We encounterd a problem when using libcurl with HTTPS protocol. The problem
described as below.
One day we found our program can't work with HTTPS protocol, it can't
connect to server with SSL channel. But the IE in that computer can do it.
Then we retrieve the certification and use it under another environment. It
works normally with HTTPS support. So it couldn't be the certification's
problem.
Then we trace the LibCurl log and found client can't finish SSL handshake:
client send "client hello" message to server and then print "Unknown SSL
protocol error in connection to xxx.xxx.xxx:443". It didn't receive "server
hello" message. This is why SSL channel can't setup. Trace the libcurl code,
found libcurl call SSL_connect(OpenSSL's API) to connect HTTPS server, then
SSL_connect return error, but libcurl get nothing when it try to retrieve
detail error message from openssl. So libcurl can't handle this and throw an
error message "Unknown SSL protocol error in connection to xxxx", set
libcurl error code to CURLE_SSL_CONNECT_ERROR (=35).
So we think there maybe something between our client and server cutoff the
connection. And we have to sniff the data on port 443 at that computer. The
result was surprisingly. We can only get tcp's three handshakes and after
that, there is nothing send to server, then we get the error message
"Unknown SSL protocol error in connection to xxxx".
Trace log:
-----------------------------------------------------------------------------------------------------------------------------------------------
== Info: About to connect() to 10.64.12.55 port 443
== Info: Trying 10.64.12.55... == Info: connected
== Info: Connected to 10.64.12.55 (10.64.12.55) port 443
== Info: successfully set certificate verify locations:
== Info: CAfile: D:\Source\CA.cer
CApath: none
== Info: SSLv3, TLS handshake, Client hello (1):
<= Send SSL data, zd bytes (0xzx)
zx: ...]..G..Z....)4U_9s......_..WBz..~....6.9.8.5.......3.2./...f.
zx: ....c.b.a.......e.d.`............
== Info: Unknown SSL protocol error in connection to 10.64.12.55:443
== Info: Closing connection #0
-------------------------------------------------------------------------------------------------------------------------------------------------
Lib version: libcurl-7.14, openssl version: 0.97
What's the problem? Does anyone known about that? Any suggestion and help
are welcome and greatly appreciated. Thanks.
BRs
Javen
Received on 2008-03-31