Https connection, TLS hangs and eventually fails SSL_ERROR_SYSCALLIMAP TLS connection to Dovecot failsSVN...

Is there any relevance to Thor getting his hair cut other than comedic value?

How to get the sitecore field updated date instead of item updated date?

Is divide-by-zero a security vulnerability?

Why is commutativity optional in multiplication for rings?

Hacker Rank: Array left rotation

I am on the US no-fly list. What can I do in order to be allowed on flights which go through US airspace?

Short status output

Custom itemize alignment

Is there a German word for “analytics”?

What is the wife of a henpecked husband called?

Visualize execution of scripts

Has the Isbell–Freyd criterion ever been used to check that a category is concretisable?

How would we write a misogynistic character without offending people?

How can I be pwnd if I'm not registered on that site?

What is meant by "mushroom grandeur" in this context?

Why zero tolerance on nudity in space?

If a druid in Wild Shape swallows a creature whole, then turns back to her normal form, what happens?

Where is this triangular-shaped space station from?

Six real numbers so that product of any five is the sixth one

Skis versus snow shoes - when to choose which for travelling the backcountry?

Finding the number of integers that are a square and a cube at the same time

Which aircraft had such a luxurious-looking navigator's station?

What's the purpose of these copper coils with resitors inside them in A Yamaha RX-V396RDS amplifier?

Do authors have to be politically correct in article-writing?

Https connection, TLS hangs and eventually fails SSL_ERROR_SYSCALL

IMAP TLS connection to Dovecot failsSVN merge with HTTPS hangs on FreeBSDHaProxy giving - 503 Service Unavailablecurl SSL protocol error in connection to shbr-staging.surescripts.netWhat's different between 'Using-Default-VirtualHost' and 'Using-Correctly-Named-VirtualHost'?SSL_read() failed (SSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 error in nginxNGINX SSL Connections Timing OutNeed help to establish secure ftp connection from linux to z/OS FTPS serverlftp 4.8.4 refuses to talk TLS1.2 with z/OS ftps hostHTTPS from web server in China is blocked by RST TCP packets (Great Firewall?)

I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443 

* stopped the pause stream!

* Closing connection 0

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443

I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

*  subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk

*  start date: Mar 15 00:00:00 2018 GMT

*  expire date: Nov 13 12:00:00 2019 GMT

*  subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"

*  issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: mydomain.co.uk

> User-Agent: curl/7.58.0

> Accept: */*

> 

< HTTP/1.1 302 Moved Temporarily

< Server: nginx

< Date: Mon, 25 Feb 2019 17:30:02 GMT

< Content-Type: text/html

< Content-Length: 154

< Connection: keep-alive

< Location: https://www.mydomain.co.uk

< 

<html>

<head><title>302 Found</title></head>

<body bgcolor="white">

<center><h1>302 Found</h1></center>

<hr><center>nginx</center>

</body>

</html>

* Connection #0 to host mydomain.co.uk left intact

The two servers i tried the curl command from are both the same, the networks they're on differ. The two servers i have access to are running Ubuntu 18.04. I don't have access to the remote server that they're both trying to connect to. I need to be able to pin point what the issue is/could be.

So it's not the cipher. What else could cause the TLS handshake to hang like this?

Cheers,
Ankur

asked Feb 25 at 17:37

Ankur22

214

What is different about the networks? What is the site you are trying to connect to?

– Michael Hampton♦
Feb 25 at 18:11

The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.

– Ankur22
Feb 26 at 9:29

You should ask the network administrators at the site you are having trouble. They may have a firewall in place.

– Michael Hampton♦
Feb 26 at 13:14

add a comment |

I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443 

* stopped the pause stream!

* Closing connection 0

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443

I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

*  subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk

*  start date: Mar 15 00:00:00 2018 GMT

*  expire date: Nov 13 12:00:00 2019 GMT

*  subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"

*  issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: mydomain.co.uk

> User-Agent: curl/7.58.0

> Accept: */*

> 

< HTTP/1.1 302 Moved Temporarily

< Server: nginx

< Date: Mon, 25 Feb 2019 17:30:02 GMT

< Content-Type: text/html

< Content-Length: 154

< Connection: keep-alive

< Location: https://www.mydomain.co.uk

< 

<html>

<head><title>302 Found</title></head>

<body bgcolor="white">

<center><h1>302 Found</h1></center>

<hr><center>nginx</center>

</body>

</html>

* Connection #0 to host mydomain.co.uk left intact

So it's not the cipher. What else could cause the TLS handshake to hang like this?

Cheers,
Ankur

asked Feb 25 at 17:37

Ankur22

214

What is different about the networks? What is the site you are trying to connect to?

– Michael Hampton♦
Feb 25 at 18:11

The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.

– Ankur22
Feb 26 at 9:29

You should ask the network administrators at the site you are having trouble. They may have a firewall in place.

– Michael Hampton♦
Feb 26 at 13:14

add a comment |

I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443 

* stopped the pause stream!

* Closing connection 0

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443

I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

*  subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk

*  start date: Mar 15 00:00:00 2018 GMT

*  expire date: Nov 13 12:00:00 2019 GMT

*  subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"

*  issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: mydomain.co.uk

> User-Agent: curl/7.58.0

> Accept: */*

> 

< HTTP/1.1 302 Moved Temporarily

< Server: nginx

< Date: Mon, 25 Feb 2019 17:30:02 GMT

< Content-Type: text/html

< Content-Length: 154

< Connection: keep-alive

< Location: https://www.mydomain.co.uk

< 

<html>

<head><title>302 Found</title></head>

<body bgcolor="white">

<center><h1>302 Found</h1></center>

<hr><center>nginx</center>

</body>

</html>

* Connection #0 to host mydomain.co.uk left intact

So it's not the cipher. What else could cause the TLS handshake to hang like this?

Cheers,
Ankur

asked Feb 25 at 17:37

Ankur22

214

I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443 

* stopped the pause stream!

* Closing connection 0

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443

I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:

~$ curl https://mydomain.co.uk -vvv

* Rebuilt URL to: https://mydomain.co.uk/

*   Trying 1.2.3.4...

* TCP_NODELAY set

* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (IN), TLS handshake, Certificate (11):

* TLSv1.2 (IN), TLS handshake, Server finished (14):

* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

* TLSv1.2 (OUT), TLS change cipher, Client hello (1):

* TLSv1.2 (OUT), TLS handshake, Finished (20):

* TLSv1.2 (IN), TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / AES128-GCM-SHA256

* ALPN, server accepted to use http/1.1

* Server certificate:

*  subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk

*  start date: Mar 15 00:00:00 2018 GMT

*  expire date: Nov 13 12:00:00 2019 GMT

*  subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"

*  issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019

*  SSL certificate verify ok.

> GET / HTTP/1.1

> Host: mydomain.co.uk

> User-Agent: curl/7.58.0

> Accept: */*

> 

< HTTP/1.1 302 Moved Temporarily

< Server: nginx

< Date: Mon, 25 Feb 2019 17:30:02 GMT

< Content-Type: text/html

< Content-Length: 154

< Connection: keep-alive

< Location: https://www.mydomain.co.uk

< 

<html>

<head><title>302 Found</title></head>

<body bgcolor="white">

<center><h1>302 Found</h1></center>

<hr><center>nginx</center>

</body>

</html>

* Connection #0 to host mydomain.co.uk left intact

So it's not the cipher. What else could cause the TLS handshake to hang like this?

Cheers,
Ankur

ssl https curl ubuntu-18.04

asked Feb 25 at 17:37

Ankur22

214

asked Feb 25 at 17:37

Ankur22

214

asked Feb 25 at 17:37

Ankur22

214

asked Feb 25 at 17:37

Ankur22

214

asked Feb 25 at 17:37

Ankur22

214

What is different about the networks? What is the site you are trying to connect to?

– Michael Hampton♦
Feb 25 at 18:11

The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.

– Ankur22
Feb 26 at 9:29

You should ask the network administrators at the site you are having trouble. They may have a firewall in place.

– Michael Hampton♦
Feb 26 at 13:14

add a comment |

What is different about the networks? What is the site you are trying to connect to?

– Michael Hampton♦
Feb 25 at 18:11

The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.

– Ankur22
Feb 26 at 9:29

You should ask the network administrators at the site you are having trouble. They may have a firewall in place.

– Michael Hampton♦
Feb 26 at 13:14

What is different about the networks? What is the site you are trying to connect to?

– Michael Hampton♦
Feb 25 at 18:11

The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.

– Ankur22
Feb 26 at 9:29

You should ask the network administrators at the site you are having trouble. They may have a firewall in place.

– Michael Hampton♦
Feb 26 at 13:14

add a comment |

2 Answers
2

active

oldest

votes

Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.

answered Feb 25 at 20:21

user188737

26214

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

add a comment |

This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.

answered 5 hours ago

Ankur22

214

add a comment |

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});

}
});

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f955667%2fhttps-connection-tls-hangs-and-eventually-fails-ssl-error-syscall%23new-answer', 'question_page');
}
);

Post as a guest

Name

Required, but never shown

2 Answers
2

active

oldest

votes

2 Answers
2

active

oldest

votes

answered Feb 25 at 20:21

user188737

26214

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

add a comment |

answered Feb 25 at 20:21

user188737

26214

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

add a comment |

answered Feb 25 at 20:21

user188737

26214

answered Feb 25 at 20:21

user188737

26214

answered Feb 25 at 20:21

user188737

26214

answered Feb 25 at 20:21

user188737

26214

answered Feb 25 at 20:21

user188737

26214

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

add a comment |

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

I can suggest that to the owners of the site, but it seems to be a networking issue.

– Ankur22
Feb 26 at 9:30

Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?

– user188737
Feb 26 at 14:26

I tried altering the MTU but that doesn't help either

– Ankur22
Feb 28 at 14:41

Try some variations curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg

– user188737
Feb 28 at 23:15

add a comment |

This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.

answered 5 hours ago

Ankur22

214

add a comment |

This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.

answered 5 hours ago

Ankur22

214

add a comment |

This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.

answered 5 hours ago

Ankur22

214

This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.

answered 5 hours ago

Ankur22

214

answered 5 hours ago

Ankur22

214

answered 5 hours ago

Ankur22

214

answered 5 hours ago

Ankur22

214

add a comment |

draft saved

draft discarded

Thanks for contributing an answer to Server Fault!

Please be sure to answer the question. Provide details and share your research!

But avoid …

Asking for help, clarification, or responding to other answers.

Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

This page is only for reference, If you need detailed information, please check here

搜尋此網誌

Ryfujk