NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Automatic SSL Error
So I use Automatic with an SSL RSS feed. It stopped working so I went to investigate.
The SSL feed works with an RSS reader just fine. I can also get it with "curl -ssl3 https://feed" fine as well. Just using "curl https://feed" gives an error. (error below)
Running automatic from ssh session gives a curl error.
cubix:/usr/local/bin# automatic -v 1 -f
../src/automatic.c, 530: 1 feed URLs
../src/automatic.c, 531: Read 1 filters from config file
../src/state.c, 111: Restored 9 old entries
../src/web.c, 431: [getHTTPData] 'https://feed': Error
SSH session curl error:
cubix:/usr/local/bin# curl -vvv 'https://feed'
* SSLv3, TLS handshake, Client hello (1):
* error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
Adding the ssl3 makes it work:
cubix:/usr/local/bin# curl -vvv -ssl3 'https://feed'
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
It looks like this is a bug between OpenSSL 0.9.8 and 1.0. It looks like if CURLOPT_SSLVERSION is set to 3 while using curl, the issue is resolved. I don't believe I can set this option as an environment variable. I just tried and the curl command failed.
cubix:/usr/local/bin# openssl version
OpenSSL 0.9.8o 01 Jun 2010
http://stackoverflow.com/questions/8619706/running-curl-with-openssl-0-9-8-against-openssl-1-0-0-server-causes-handshake-er
Any assistance would be helpful. I don't want to drop down to non-encrypted usage. The feed contains sensitive information.
The SSL feed works with an RSS reader just fine. I can also get it with "curl -ssl3 https://feed" fine as well. Just using "curl https://feed" gives an error. (error below)
Running automatic from ssh session gives a curl error.
cubix:/usr/local/bin# automatic -v 1 -f
../src/automatic.c, 530: 1 feed URLs
../src/automatic.c, 531: Read 1 filters from config file
../src/state.c, 111: Restored 9 old entries
../src/web.c, 431: [getHTTPData] 'https://feed': Error
SSH session curl error:
cubix:/usr/local/bin# curl -vvv 'https://feed'
* SSLv3, TLS handshake, Client hello (1):
* error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
curl: (35) error:14077458:SSL routines:SSL23_GET_SERVER_HELLO:reason(1112)
Adding the ssl3 makes it work:
cubix:/usr/local/bin# curl -vvv -ssl3 'https://feed'
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
It looks like this is a bug between OpenSSL 0.9.8 and 1.0. It looks like if CURLOPT_SSLVERSION is set to 3 while using curl, the issue is resolved. I don't believe I can set this option as an environment variable. I just tried and the curl command failed.
cubix:/usr/local/bin# openssl version
OpenSSL 0.9.8o 01 Jun 2010
http://stackoverflow.com/questions/8619706/running-curl-with-openssl-0-9-8-against-openssl-1-0-0-server-causes-handshake-er
Any assistance would be helpful. I don't want to drop down to non-encrypted usage. The feed contains sensitive information.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
