curb icon indicating copy to clipboard operation
curb copied to clipboard

Published 20 hours ago verified publisher icon taf2

Curl::Err::SSLConnectError: SSL connect error

Open epinault opened this issue 9 years ago • 8 comments

So I am using 0.8.6 gem , ruby 2.1.1 and 2.1.3 on ubuntu 12.04 with everything up to date (openssl shows 1.01

But normal http works fine.. https totally fails with error Curl::Err::SSLConnectError: SSL connect error

any idea what that error is?

epinault avatar Sep 30 '14 23:09 epinault

wondering is the issue is related to passing a user and password in the https url but don think it is...

like https://user:[email protected]

Also I found this CURLE_SSL_CONNECT_ERROR (35)

A problem occurred somewhere in the SSL/TLS handshake. You really want the error buffer and read the message there as it pinpoints the problem slightly more. Could be certificates (file formats, paths, permissions), passwords, and others

How to print the error buffer? so I can see what the error might me?

epinault avatar Sep 30 '14 23:09 epinault

I'm having this issue too, and it doesn't have anything to do with hostname validation or peer verification. curl works fine, and the error doesn't occur on OS X.

No idea yet what the issue is. Some details: https://github.com/benbalter/site-inspector-ruby/issues/12#issuecomment-65908335

konklone avatar Dec 06 '14 19:12 konklone

Try running it with the verbose option on. I got more insight into my error:

irb(main):024:0> Curl::Easy.http_get("https://house.gov") {|c| c.verbose = true}
* Rebuilt URL to: https://house.gov/
* Hostname was NOT found in DNS cache
*   Trying 143.228.181.132...
* Connected to house.gov (143.228.181.132) port 443 (#10)
* found 164 certificates in /etc/ssl/certs/ca-certificates.crt
* gnutls_handshake() failed: A TLS packet with unexpected length was received.
* Closing connection 10
35
Curl::Err::SSLConnectError: SSL connect error

The key line is:

* gnutls_handshake() failed: A TLS packet with unexpected length was received.

My system's libcurl is tied to gnutls instead of openssl. So far, the suggestions I've found all involve recompiling some system library from source after modifying headers. Gross.

konklone avatar Dec 06 '14 20:12 konklone

Confirmed that the following has fixed the issue for me:

sudo apt-get install libcurl4-openssl-dev

This removed libcurl4-gnutls-dev automatically:

The following packages will be REMOVED:
  libcurl4-gnutls-dev
The following NEW packages will be installed:
  libcurl4-openssl-dev

And now my requests using Curb, Typhoeus, and other libcurl-based Ruby libraries under Ubuntu work fine.

konklone avatar Dec 06 '14 20:12 konklone

I ll try that. Seems annoyiung. Especially now in the light of a new one (libressl) appearing and will be more confusing..

epinault avatar Dec 08 '14 17:12 epinault

I'm seeing the same issue on OS X.

/.rvm/gems/ruby-2.2.2/gems/curb-0.8.8/lib/curl/easy.rb:72:in `perform': SSL connect error (Curl::Err::SSLConnectError)

bootstraponline avatar Sep 28 '15 13:09 bootstraponline

@bootstraponline this is usually a system issue or the domain you're requesting has an invalid certificate...

taf2 avatar Sep 28 '15 13:09 taf2

It works if I run the same command again. I'm enabling verbose mode so I can see the exact message.

bootstraponline avatar Sep 28 '15 13:09 bootstraponline