Running curl with OpenSSL 0.9.8 against OpenSSL 1.0.0 server causes handshake error?

curl openssl handshake

rogiller · Dec 23, 2011 · Viewed 13.1k times · Source

If I run curl against a machine that is running OpenSSL 1.0.0e for example:

curl -v https://shumaker.flexrentalsolutions.com

on a machine that is running OpenSSL 0.9.8r I get the following error:

About to connect() to shumaker.flexrentalsolutions.com port 443 (#0)
*   Trying 50.112.122.15... connected
* Connected to shumaker.flexrentalsolutions.com (50.112.122.15) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
* Closing connection #0

If I run the same curl command on a machine that is running OpenSSL 1.0.0e the command completes without any problem.

It appears the handshake is not completing properly, apparently due to some incompatibility between the two OpenSSL versions.

Any idea how to fix this?

Answer

If you set the openssl version in the protocol, it works:

For the command line:

curl -v -3 https://shumaker.flexrentalsolutions.com

If in php:

curl_setopt($ch, CURLOPT_SSLVERSION,3);

Running curl with OpenSSL 0.9.8 against OpenSSL 1.0.0 server causes handshake error?

Answer

Related questions