http://koji.fedoraproject.org/koji/taskinfo?taskID=1733961 Comment 7 Wolfram Wagner 2009-10-07 16:47:17 EDT Kamil, Thank you a lot! Comment 5 Kamil Dudka 2009-10-07 15:46:44 EDT Nope, I blame the libcurl code, in particular the game it's playing with SSL_V2_COMPATIBLE_HELLO. Perhaps because of the proxy, perhaps you have added some debug coding... I will try my best to find the error.
What "actually" happens at T-minus-0 What is this aircraft with elaborate folding wings? Thank you! Travel to the US with a stamp from Israel in my passport All Aboard the ASCII Train Can droids be shut down manually? Our servers are running their SSL on base of a Certificatte from SAP Trust Center (https://websmp204.sap-ag.de/tcsrootcert => SAP Server CA Certificate: https://tcs.mysap.com/invoke/tc/getCert?SAPServerCA.der) I have downloaded that file converted it via: openssl http://www.centos.org/forums/viewtopic.php?t=52732
connected * Connected to 22.214.171.124 (126.96.36.199) port 768 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -5961 * Closing connection #0 * SSL connect You can use nss' debugging equipment instead (you need to recompile NSS with debugging support first): $ SSLTRACE=3 curl --verbose -o/dev/null https://tcs.mysap.com/invoke/tc/getCert?SAPServerCA.der * About to connect() to tcs.mysap.com port 443 (#0) I therefore believe that NSS may be to blame in some way (or at least the version distributed with CentOS 6.5). –euantorano Mar 3 '14 at 10:07 add a comment| up
I hope you can find the needed hint in all my tests and thoughts. But it's true we can always create a TRACE-enabled build for users interested to help with debugging. For example: -t "TCu,Cu,Tuw" Trusting a root CA certificate for issuing SSL server certificates certutil -d sql:/etc/pki/nssdb -A -t "C,," -n
The request always fails on the first attempt of the day. Nss Error Codes Comment 20 Kamil Dudka 2009-10-08 12:59:35 EDT Well, I am not sure if the problem is still related to the original bug report or not. asked 2 years ago viewed 31292 times active 1 year ago Blog How Do Software Developers in New York, San Francisco, London and Bangalore… Related 2Add self signed certificate to ubuntu http://unix.stackexchange.com/questions/280548/curl-doesnt-connect-to-https-while-wget-does-nss-error-12286 Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the
I see the POST to it, but that's it. Nss Error 8018 Then I switched to PHP 7 and Curl started working even with Cloudflare CDN on. How to jump to middle of buffer A paper I received to review has (independently) duplicated work that we are writing up. Let me explain: I am monitoring a complex application running on some servers.
Update 1: As suggested by steffen-ullrich [[email protected] randoadmin]# curl --ciphers ecdhe_rsa_aes_128_gcm_sha_256 -I https://torrage.com HTTP/1.1 200 OK Server: nginx/1.9.0 Date: Mon, 29 Jun 2015 05:54:17 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Expires: http://stackoverflow.com/questions/21887315/curl-ssl-connect-error-35-with-nss-error-5961 Subsequent requests work fine. What Is Nss Error Browse other questions tagged php ssl curl https curl-multi or ask your own question. Curl Nss Error 5938 How to get sprint progress from complexity-based estimation?
I have limited access to the Windows 7 server. Can my brother from Australia buy a flydubai airline ticket for me? I don't know if the version of curl your are using already supports the necessary options to restrict the TLS protocol this way and if this option is implemented for the Why would you not accept a free great person? Curl Nss Error 5961
Is a Turing Machine "by definition" the most powerful machine? Travel to the US with a stamp from Israel in my passport A paper I received to review has (independently) duplicated work that we are writing up. Are endothermic bombs possible? I am trying to contact network admin to look at firewall configuration.
Already tried, with no luck, options -k and --cipher ecdhe_ecdsa_aes_128_gcm_sha_256, that is the server preferred cipher according to Qualys SSL Labs Test Server tool here: https://www.ssllabs.com/ssltest/analyze.html?d=intribunale.net&latest Here is the cURL log: Curl Nss Error 12286 It's not clear if you have access to the Windows 7 server or the full components of the environment to identify the exact cause of the timeout that is causing the You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12235 Comment 33 Fedora Update System 2009-12-17 23:17:49 EST curl-7.19.7-3.fc11 has been pushed to the Fedora 11 stable repository.
If you don't specify the certificate manually with --cacert option, NSS tries to select the right one from the NSS database (located at /etc/pki/nssdb) automatically. I would not have found the reason I think.... i really appreciate it., –AMB Jun 29 '15 at 6:01 for me curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'ecdhe_rsa_aes_128_gcm_sha_256'); worked as it was a different torrent site. –vrtech77 Dec 21 '15 at 6:08 Nss Error Code 5961 Advisor drops MSci student suddenly in final semester Replace all values in one column to 1 James Potter and the Cloak of Invisibility - Why didn't he use it to hide
I am not in my office anymore, but the link, that you have used in your example should download the CA Certificate. Of course, I had to recompile the NSS libraries with -DTRACE to make this working! Error message on Zabbix screen is: 'Failed on "Login" [1 of 1] Error: SSL connect error' In log file (trace level)"Error doing curl_easy_perform [SSL connect error]" I have double checked the If you find that you need to modify the settings you can follow this procedure.
Bute I have learned a lot...) Good night! does the focal length change the perspective at a given distance? Seems to be alright. (17.88 KB, text/plain) 2009-10-08 08:54 EDT, Wolfram Wagner no flags Details Add an attachment (proposed patch, testcase, etc.) Groups: None (edit) Description Wolfram Wagner 2009-10-07 12:15:44 I can download the same file without issues using wget so I can exclude any firewall or blacklist issues.
connected * Connected to www.intribunale.net (188.8.131.52) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * NSS error -12286 * Closing connection #0 * SSL connect Looks like twitter was having a similar problem (https://dev.twitter.com/discussions/1549) which they apparently fixed, but didn't elaborate on how it got fixed. does the focal length change the perspective at a given distance? The other server (also a SAP JEE server of same version, but with a different, official Thawte certificate) does not show this behavior.
I have spun up a different virtual machine with the host running OpenSuse rather than CentOS (OpenSuse seems to come with cURL compiled with OpenSSL rather than NSS). The behavior of zabbix has changed too: Before I had constant failures, now I get sporadic SSL connection fails. Comment 34 Fedora Update System 2009-12-17 23:21:02 EST curl-7.19.7-2.fc12 has been pushed to the Fedora 12 stable repository. Thank you!
Bhagavad-Gita: As It Is - version without interruptions?