cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: "SSL connection timeout at ..." when using network over GPRS/EDGE

From: Ben Noordhuis <info_at_bnoordhuis.nl>
Date: Sat, 30 Apr 2011 22:27:22 +0200

On Sat, Apr 30, 2011 at 20:04, Kamil Dziedzic <arvenil_at_klecza.pl> wrote:
> I've created script which tests requests to our server over diffrent networks.
> Everything worked fine until I tried to send ssl request over GPRS/EDGE.
>
> Over normal network (cable/wifi) everything is fine (I used google as example
> server):
> # curl -#v https://encrypted.google.com > /dev/null
> * About to connect() to encrypted.google.com port 443 (#0)
> *   Trying 66.102.13.100... connected
> * Connected to encrypted.google.com (66.102.13.100) port 443 (#0)
> * found 181 certificates in /etc/certs/ca-certificates.crt
> *        server certificate verification OK
> *        common name: *.google.com (matched)
> *        server certificate expiration date OK
> *        server certificate activation date OK
> *        certificate public key: RSA
> *        certificate version: #3
> *        subject: C=US,ST=California,L=Mountain View,O=Google
> Inc,CN=*.google.com
> *        start date: Wed, 16 Feb 2011 00:24:53 GMT
> *        expire date: Thu, 16 Feb 2012 00:34:53 GMT
> *        issuer: C=US,O=Google Inc,CN=Google Internet Authority
> *        compression: NULL
> *        cipher: ARCFOUR-128
> *        MAC: SHA1
>> GET / HTTP/1.1
>> User-Agent: curl/7.21.4 (x86_64-pld-linux-gnu) libcurl/7.21.4 GnuTLS/2.10.4
> zlib/1.2.5 c-ares/1.7.4 libidn/1.20 libssh2/1.2.7 librtmp/2.3
>> Host: encrypted.google.com
>> Accept: */*
>>
> < HTTP/1.1 200 OK
> < Date: Sat, 30 Apr 2011 17:53:59 GMT
> < Expires: -1
> < Cache-Control: private, max-age=0
> < Content-Type: text/html; charset=ISO-8859-1
> < Set-Cookie:
> PREF=ID=c414fd5fd25ac6d6:FF=0:TM=1304186039:LM=1304186039:S=fYNxRJ9Pjnic4xev;
> expires=Mon, 29-Apr-2013 17:53:59 GMT; path=/; domain=.google.com
> < Set-Cookie: NID=46=JOPKxI2NzxRuVA1Q-
> wzejFlrIipoZLRGOfMVQc1U9rHDwUmRp7qGA34Ae-7MXGRYTwQxnEYs6r8S_AjiH8ayyXxxhobo8aFLmN6LYQ0rW0SEUJ2jBEuL2nhNw2Ptqzbn;
> expires=Sun, 30-Oct-2011 17:53:59 GMT; path=/; domain=.google.com; HttpOnly
> < Server: gws
> < X-XSS-Protection: 1; mode=block
> < Transfer-Encoding: chunked
> <
> { [data not shown] 100,0%
> * Connection #0 to host encrypted.google.com left intact
>
> * Closing connection #0
>
>
> But when I tried to connect via htc android phone using EDGE/GRPS I got:
>
> # curl -#v https://encrypted.google.com > /dev/null
> * About to connect() to encrypted.google.com port 443 (#0)
> *   Trying 209.85.149.101... connected
> * Connected to encrypted.google.com (209.85.149.101) port 443 (#0)
> * found 181 certificates in /etc/certs/ca-certificates.crt
> * SSL connection timeout at 298336
> * Closing connection #0
>
> curl: (28) SSL connection timeout at 298336
>
> It also works if I switch phone to use 3G network or to not use encryption.
> Lynx or wget works fine with encrypted sites over all networks.
>
> Any ideas how to make curl working?

Is your curl built against GnuTLS? Does `openssl s_client -host
encrypted.google.com -port 443` work for you?

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2011-04-30