I’m hitting my curl on ubuntu terminal and getting this response
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to domain.com:443 . I really can’t understand why it happens. I tried to show curl’s error number but it did not revert any no. I am hitting another server. Below is my command :
./curl -i --tlsv1.2 -kv -H "Content-Type: application/xml" --verbose -X POST --data /var/www/html/xml.xml --cacert /root/curl_ssl/curl-7.54.1/src/cert_org.crt domain.com/otp
Please suggest some help.
For sites that use the old SSL protocol, this error may occur with CURL on Linux. According to the SSL/TLS protocol specification, the reason may be that the client hello uses the support group option that is not supported by the peer.
The solution is to use sslscan for probing and get the protocol version and cipher suite supported by the peer.
The problem is that the site supports only ciphers that are no longer considered secure, i.e. ciphers based on 3DES and RC4. The default ciphers in the ssl library do not include these ciphers for security reasons.
To add support for these ciphers, you can manually set the default cipher Suite. The next line sets DES-CBC3-SHA as the proposed cipher.
curl --cipher DES-CBC3-SHA <your parameters>
Use this for all sites is not safe.
Note that this option should only be used for this legacy site.