Fatal编程技术网
  • curl/
  • Curl 连接到example.com时出现未知SSL协议错误

Curl 连接到example.com时出现未知SSL协议错误

curl nginx

Curl 连接到example.com时出现未知SSL协议错误,curl,nginx,lets-encrypt,Curl,Nginx,Lets Encrypt,更新letsencrypt证书后,我的网站出现了一个问题。 我试图调试Nginx,但是日志是清楚的。但它是有效的。看来我没有选择重新安装我的服务器。救命啊 curl --no-sessionid -I -vvvv --tlsv1.2 -qv -3 https://example.com/ * Trying 176.9.92.134... * TCP_NODELAY set * Connected to site.com (999.9.9.999) port 443 (#0) * ALPN,

更新letsencrypt证书后,我的网站出现了一个问题。 我试图调试Nginx,但是日志是清楚的。但它是有效的。看来我没有选择重新安装我的服务器。救命啊

curl --no-sessionid  -I -vvvv --tlsv1.2 -qv -3 https://example.com/
*   Trying 176.9.92.134...
* TCP_NODELAY set
* Connected to site.com (999.9.9.999) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /Users/user/anaconda3/ssl/cacert.pem
  CApath: none
* SSLv3 (OUT), TLS handshake, Client hello (1):
* Unknown SSL protocol error in connection to example.ru:443
* Curl_http_done: called premature == 1
* Closing connection 0

curl: (35) Unknown SSL protocol error in connection to example.com:443
openssl的一些检查

Nginx配置 `服务器{ 听99.99.99.99:443; server_name example.com

    ssl_trusted_certificate /var/www/example/ca.cer;
    ssl_certificate /var/www/example/fullchain.cer;
    ssl_certificate_key /var/www/example/example.com.key;

    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;

    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
    ssl_dhparam /var/www/example/example_dhparam.pem;

    # modern configuration. tweak to your needs.
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 127.0.0.1 8.8.8.8;


    location /.well-known/ {
       alias /var/www/example/ssl/.well-known/;
    }

    location / {
       alias /var/www/example/index.html;
    }
}`
难道不是吗

server {
               listen 443 ssl; 
               server_name example.com;
               ...
}
从参考资料来看

要配置HTTPS服务器,ssl参数必须为 在服务器块中的侦听套接字上启用,并且 应指定服务器证书和私钥文件>的位置

你能分享一下你在nginx中的配置吗?在https部分…或者你可以参考我更新的问题中的nginx配置-tlsv1.2要求TLS 1.2-3要求SSLv3。它们是互斥的,你自己决定吧!有什么区别? 
server {
               listen 443 ssl; 
               server_name example.com;
               ...
}

server {
    listen              443 ssl;
    server_name         www.example.com;
    ssl_certificate     www.example.com.crt;
    ssl_certificate_key www.example.com.key;
    ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         HIGH:!aNULL:!MD5;
    ...
}