Topic: Curl woes
Suddenly curl to a previously working machine has stopped working saying
Unknown SSL protocol error in connection to ....
This is to a Windows wsdl site - and using a browser from my machines will return the XML page so browsers are happy with the handshake.
Pointing Chrome at the machine says:
Your connection to ..... is encrypted with obsolete cryptography.
The connection uses TLS 1.2.
The connection is encrypted using AES_128_CBC, with SHA1 for message authentication and RSA as the key exchange mechanism.
But I don't think I have much ability to change this.
curl from my Mac - works.
Curl from my Centos 5 and Centos 6 machines doesn't. All Centos systems are running remi curl.
It looks to me that things are dying very early on in the TLS handshake - I see about 6 packets in the transaction.
I've tried various Cypher settings, I've tried using the same ca cert bundle that works on my Mac - but things still fail.
I cannot give you the target machine - because it's firewall protected.
Any ideas about what I can try next? AKA HELP!!
I guess I should include versions:
curl.x86_64 - 7.15.5-17.el5_9
and
curl.x86_64 - 7.19.7-40.el6_6.4