Ubuntu 18.04 curl 返回 SSL_ERROR_SYSCALL

tag-icon tag-icon 18.04 curl
Ubuntu 18.04 curl 返回 SSL_ERROR_SYSCALL

这一切在 16.04 中运行良好。我在 18.04 中运行相同的设置,cntlm 作为我的代理运行,ca-certificates 使用公司根证书更新。Chrome、Firefox、wget 等使用 https 时没有问题。另一方面,Curl 在转到 https 时总是失败。我还尝试直接转到代理设置环境变量(例如:https_proxy=https://我的用户名:[电子邮件保护]:8080) 并且我得到了相同的 SSL 错误。

18.04卷曲运行:

curl -v https://ubuntu.com
* Rebuilt URL to: https://ubuntu.com/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:3128 
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to 127.0.0.1:3128

16.04卷曲运行:

curl -v https://ubuntu.com
* Rebuilt URL to: https://ubuntu.com/
*   Trying 127.0.0.1...
* Connected to 127.0.0.1 (127.0.0.1) port 3128 (#0)
* Establish HTTP proxy tunnel to ubuntu.com:443
> CONNECT ubuntu.com:443 HTTP/1.1
> Host: ubuntu.com:443
> User-Agent: curl/7.47.0
> Proxy-Connection: Keep-Alive
> 
< HTTP/1.1 200 Connection established
< Connection: close
< 
* Proxy replied OK to CONNECT request
* found 152 certificates in /etc/ssl/certs/ca-certificates.crt
* found 620 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
*    server certificate verification OK
*    server certificate status verification SKIPPED
*    common name: ubuntu.com (matched)
*    server certificate expiration date OK
*    server certificate activation date OK
*    certificate public key: RSA
*    certificate version: #3
*    subject: businessCategory=Private Organization,jurisdictionOfIncorporationCountryName=GB,serialNumber=06870835,C=GB,L=London,O=Canonical Group Ltd,OU=James Troup,CN=ubuntu.com
*    start date: Mon, 06 Aug 2018 00:00:00 GMT
*    expire date: Wed, 21 Aug 2019 12:00:00 GMT
*    issuer: REDACTED
*    compression: NULL
* ALPN, server did not agree to a protocol
> GET / HTTP/1.1
> Host: ubuntu.com
> User-Agent: curl/7.47.0
> Accept: */*
> 
< HTTP/1.1 301 Moved Permanently
< Date: Thu, 14 Feb 2019 02:09:17 GMT
< Server: Apache/2.2.22 (Ubuntu)
< Location: https://www.ubuntu.com/
< Vary: Accept-Encoding
< Content-Length: 308
< Content-Type: text/html; charset=iso-8859-1
< Proxy-Connection: Keep-Alive
< Connection: Keep-Alive
< Age: 0
< 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://www.ubuntu.com/">here</a>.</p>
<hr>
<address>Apache/2.2.22 (Ubuntu) Server at ubuntu.com Port 443</address>
</body></html>
* Connection #0 to host 127.0.0.1 left intact

答案1

所以这是一个完整的 ID-10T 错误。我在 https_proxy 环境中输入了 https://。cntlm 不支持 https... 将其更改为 http://,现在一切正常。

相关内容