Https connection, TLS hangs and eventually fails SSL_ERROR_SYSCALLIMAP TLS connection to Dovecot failsSVN...
Is there any relevance to Thor getting his hair cut other than comedic value?
How to get the sitecore field updated date instead of item updated date?
Is divide-by-zero a security vulnerability?
Why is commutativity optional in multiplication for rings?
Hacker Rank: Array left rotation
I am on the US no-fly list. What can I do in order to be allowed on flights which go through US airspace?
Short status output
Custom itemize alignment
Is there a German word for “analytics”?
What is the wife of a henpecked husband called?
Visualize execution of scripts
Has the Isbell–Freyd criterion ever been used to check that a category is concretisable?
How would we write a misogynistic character without offending people?
How can I be pwnd if I'm not registered on that site?
What is meant by "mushroom grandeur" in this context?
Why zero tolerance on nudity in space?
If a druid in Wild Shape swallows a creature whole, then turns back to her normal form, what happens?
Where is this triangular-shaped space station from?
Six real numbers so that product of any five is the sixth one
Skis versus snow shoes - when to choose which for travelling the backcountry?
Finding the number of integers that are a square and a cube at the same time
Which aircraft had such a luxurious-looking navigator's station?
What's the purpose of these copper coils with resitors inside them in A Yamaha RX-V396RDS amplifier?
Do authors have to be politically correct in article-writing?
Https connection, TLS hangs and eventually fails SSL_ERROR_SYSCALL
IMAP TLS connection to Dovecot failsSVN merge with HTTPS hangs on FreeBSDHaProxy giving - 503 Service Unavailablecurl SSL protocol error in connection to shbr-staging.surescripts.netWhat's different between 'Using-Default-VirtualHost' and 'Using-Correctly-Named-VirtualHost'?SSL_read() failed (SSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 error in nginxNGINX SSL Connections Timing OutNeed help to establish secure ftp connection from linux to z/OS FTPS serverlftp 4.8.4 refuses to talk TLS1.2 with z/OS ftps hostHTTPS from web server in China is blocked by RST TCP packets (Great Firewall?)
I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk
* start date: Mar 15 00:00:00 2018 GMT
* expire date: Nov 13 12:00:00 2019 GMT
* subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"
* issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mydomain.co.uk
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Server: nginx
< Date: Mon, 25 Feb 2019 17:30:02 GMT
< Content-Type: text/html
< Content-Length: 154
< Connection: keep-alive
< Location: https://www.mydomain.co.uk
<
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host mydomain.co.uk left intact
The two servers i tried the curl command from are both the same, the networks they're on differ. The two servers i have access to are running Ubuntu 18.04. I don't have access to the remote server that they're both trying to connect to. I need to be able to pin point what the issue is/could be.
So it's not the cipher. What else could cause the TLS handshake to hang like this?
Cheers,
Ankur
ssl https curl ubuntu-18.04
asked Feb 25 at 17:37
Ankur22Ankur22
214
add a comment |
I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk
* start date: Mar 15 00:00:00 2018 GMT
* expire date: Nov 13 12:00:00 2019 GMT
* subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"
* issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mydomain.co.uk
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Server: nginx
< Date: Mon, 25 Feb 2019 17:30:02 GMT
< Content-Type: text/html
< Content-Length: 154
< Connection: keep-alive
< Location: https://www.mydomain.co.uk
<
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host mydomain.co.uk left intact
The two servers i tried the curl command from are both the same, the networks they're on differ. The two servers i have access to are running Ubuntu 18.04. I don't have access to the remote server that they're both trying to connect to. I need to be able to pin point what the issue is/could be.
So it's not the cipher. What else could cause the TLS handshake to hang like this?
Cheers,
Ankur
ssl https curl ubuntu-18.04
asked Feb 25 at 17:37
Ankur22Ankur22
214
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14
add a comment |
I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk
* start date: Mar 15 00:00:00 2018 GMT
* expire date: Nov 13 12:00:00 2019 GMT
* subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"
* issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mydomain.co.uk
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Server: nginx
< Date: Mon, 25 Feb 2019 17:30:02 GMT
< Content-Type: text/html
< Content-Length: 154
< Connection: keep-alive
< Location: https://www.mydomain.co.uk
<
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host mydomain.co.uk left intact
The two servers i tried the curl command from are both the same, the networks they're on differ. The two servers i have access to are running Ubuntu 18.04. I don't have access to the remote server that they're both trying to connect to. I need to be able to pin point what the issue is/could be.
So it's not the cipher. What else could cause the TLS handshake to hang like this?
Cheers,
Ankur
ssl https curl ubuntu-18.04
asked Feb 25 at 17:37
Ankur22Ankur22
214
I'm trying to correctly diagnose an issue where the server i have access to doesn't seem to be able to contact another server on the internet over port 443:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to mydomain.co.uk:443
I've read that this could be because of incompatible ciphers. So i tried it on a different server on a different network but this time the connection was made successfully:
~$ curl https://mydomain.co.uk -vvv
* Rebuilt URL to: https://mydomain.co.uk/
* Trying 1.2.3.4...
* TCP_NODELAY set
* Connected to mydomain.co.uk (1.2.3.4) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* subject: C=NA; ST=Some Place; L=Some City; O=MyCompany; OU=Technology; CN=*.mydomain.co.uk
* start date: Mar 15 00:00:00 2018 GMT
* expire date: Nov 13 12:00:00 2019 GMT
* subjectAltName: host "mydomain.co.uk" matched cert's "mydomain.co.uk"
* issuer: C=US; O=AniCert Inc; OU=www.anicert.com; CN=NioTrust RSA CA 2019
* SSL certificate verify ok.
> GET / HTTP/1.1
> Host: mydomain.co.uk
> User-Agent: curl/7.58.0
> Accept: */*
>
< HTTP/1.1 302 Moved Temporarily
< Server: nginx
< Date: Mon, 25 Feb 2019 17:30:02 GMT
< Content-Type: text/html
< Content-Length: 154
< Connection: keep-alive
< Location: https://www.mydomain.co.uk
<
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host mydomain.co.uk left intact
The two servers i tried the curl command from are both the same, the networks they're on differ. The two servers i have access to are running Ubuntu 18.04. I don't have access to the remote server that they're both trying to connect to. I need to be able to pin point what the issue is/could be.
So it's not the cipher. What else could cause the TLS handshake to hang like this?
Cheers,
Ankur
ssl https curl ubuntu-18.04
ssl https curl ubuntu-18.04
asked Feb 25 at 17:37
Ankur22Ankur22
214
asked Feb 25 at 17:37
Ankur22Ankur22
214
asked Feb 25 at 17:37
Ankur22Ankur22
214
asked Feb 25 at 17:37
Ankur22Ankur22
214
asked Feb 25 at 17:37
Ankur22Ankur22
214
214
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14
add a comment |
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14
add a comment |
2 Answers
2
active
oldest
votes
Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.
answered Feb 25 at 20:21
user188737user188737
26214
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variationscurl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com,openssl s_client -connect example.com:443,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg
– user188737
Feb 28 at 23:15
add a comment |
This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.
answered 5 hours ago
Ankur22Ankur22
214
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f955667%2fhttps-connection-tls-hangs-and-eventually-fails-ssl-error-syscall%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.
answered Feb 25 at 20:21
user188737user188737
26214
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variationscurl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com,openssl s_client -connect example.com:443,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg
– user188737
Feb 28 at 23:15
add a comment |
Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.
answered Feb 25 at 20:21
user188737user188737
26214
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variationscurl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com,openssl s_client -connect example.com:443,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg
– user188737
Feb 28 at 23:15
add a comment |
Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.
answered Feb 25 at 20:21
user188737user188737
26214
Probably a coincidence, but I had a similar error today. The server process picking up the connection somehow got half-stuck. Sometimes it picked up allright, the other times it left the client waiting indefinitely at exactly the same point as you have here. Had to kill -9 this server process.
answered Feb 25 at 20:21
user188737user188737
26214
answered Feb 25 at 20:21
user188737user188737
26214
answered Feb 25 at 20:21
user188737user188737
26214
answered Feb 25 at 20:21
user188737user188737
26214
26214
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variationscurl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com,openssl s_client -connect example.com:443,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg
– user188737
Feb 28 at 23:15
add a comment |
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variationscurl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com,openssl s_client -connect example.com:443,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256,openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg
– user188737
Feb 28 at 23:15
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
I can suggest that to the owners of the site, but it seems to be a networking issue.
– Ankur22
Feb 26 at 9:30
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
Seems also similar to this issue: github.com/curl/curl/issues/2299. Maybe there is a MTU problem?
– user188737
Feb 26 at 14:26
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
I tried altering the MTU but that doesn't help either
– Ankur22
Feb 28 at 14:41
Try some variations
curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg– user188737
Feb 28 at 23:15
Try some variations
curl -v --ciphers DHE-RSA-AES128-GCM-SHA256 https://example.com , openssl s_client -connect example.com:443 , openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg -cipher DHE-RSA-AES128-GCM-SHA256, openssl s_client -connect example.com:443 -mtu 1478 -no_ticket -msg– user188737
Feb 28 at 23:15
add a comment |
This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.
answered 5 hours ago
Ankur22Ankur22
214
add a comment |
This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.
answered 5 hours ago
Ankur22Ankur22
214
add a comment |
This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.
answered 5 hours ago
Ankur22Ankur22
214
This has been resolved. It was due to the ip being blacklisted. Once it was taken off the connection established successfully.
answered 5 hours ago
Ankur22Ankur22
214
answered 5 hours ago
Ankur22Ankur22
214
answered 5 hours ago
Ankur22Ankur22
214
answered 5 hours ago
Ankur22Ankur22
214
214
add a comment |
add a comment |
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f955667%2fhttps-connection-tls-hangs-and-eventually-fails-ssl-error-syscall%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
What is different about the networks? What is the site you are trying to connect to?
– Michael Hampton♦
Feb 25 at 18:11
The server that is having issue connecting to the site is in a network that i have no control over. The other server that does work is at home. The site i'm trying to connect to is a well known transport company... not sure i can say much more than that.
– Ankur22
Feb 26 at 9:29
You should ask the network administrators at the site you are having trouble. They may have a firewall in place.
– Michael Hampton♦
Feb 26 at 13:14