cURL / Mailing Lists / curl-library / Single Mail

curl-library

Curl request via proxy issues

From: pankaj takawale <pankaj_takawale_at_yahoo.com>
Date: Tue, 7 Apr 2009 11:29:43 -0700 (PDT)

Im trying to call a web service (sending soap request) to a web server using curl apis (7.15.5).

It was all working fine, suddenly Im started geting Unknown SSL protocol error while sending request via http proxy.
If I send same request directly to web server, it works fine.
Previously soap request was going through proxy successfully.

I can reach to other http servers (www.yahoo.co) through same proxy.
Looks like some SSL connection issue between proxy and that web server.

SSL VERIFICATION is turned off while reaching to internal web server.

SSL VERIFICATION settings are not specified (default is true I believe) while reaching to other http servers.

Any pointers on this?

Below mentioned CURL verbose outputs:

Direct connection to internal web server
========================================

* About to connect() to ptutil port 443
  * Trying 192.168.20.4 ... * connected
  * Connected to ptutil (192.168.20.4) port 443
  * successfully set certificate verify locations:
  * CAfile: /etc/pki/tls/certs/ca-bundle.crt
    CApath: none
  * SSL connection using RC4-MD5
  * Server certificate:
  * subject: /C=US/ST=MA/L=MA/O=MA/CN=ptutil/emailAddress=pt0989_at_me.com
  * start date: 2008-03-13 14:56:10 GMT
  * expire date: 2013-03-12 14:56:10 GMT
  * common name: ptutil (matched)
  * issuer: /C=US/ST=MA/O=MA/OU=Information Security/CN=MA CA
  * SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
> POST /GetEvents.asmx HTTP/1.1
  Host: ptutil
  Accept: */*
  Content-Type: application/soap+xml; charset=utf-8
  Content-Length: 693
  

Connection via http proxy to internal web server
========================================
 
  * About to connect() to proxy 192.168.20.230 port 80
  * Trying 192.168.20.230... * connected
  * Connected to 192.168.20.230 (192.168.20.230) port 80
  * Establish HTTP proxy tunnel to ptutil:443
> CONNECT ptutil:443 HTTP/1.0
  Host: ptutil:443
  Proxy-Connection: Keep-Alive
  Content-Type: application/soap+xml; charset=utf-8
  
  < HTTP/1.1 200 Connection established
  <
  * Proxy replied OK to CONNECT request
  * successfully set certificate verify locations:
  * CAfile: /etc/pki/tls/certs/ca-bundle.crt
    CApath: none
  * Unknown SSL protocol error in connection to ptutil:80
  * Closing connection #0
  * SSL connect error
  curl_easy_perform failed.errcode: 35 Reason: SSL connect error

Connection via http proxy to other webservers
=============================================
* About to connect() to proxy 192.168.20.230 port 80
* Trying 192.168.20.230... * connected
* Connected to 192.168.20.230 (192.168.20.230) port 80
> GET http://www.yahoo.com HTTP/1.1
Host: www.yahoo.com
Pragma: no-cache
Accept: */*
Proxy-Connection: Keep-Alive

< HTTP/1.1 200 OK
< Date: Tue, 07 Apr 2009 17:27:23 GMT
< P3P: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
< Cache-Control: private
< Vary: User-Agent
< X-XRDS-Location: http://open.login.yahooapis.com/openid20/www.yahoo.com/xrds
< Last-Modified: Tue, 07 Apr 2009 17:24:22 GMT
< Accept-Ranges: bytes
< Content-Type: text/html; charset=utf-8
< Content-length: 9490
< Proxy-Connection: Keep-Alive
< Connection: Keep-Alive

Pankaj.

      
Received on 2009-04-07