curl は https URL の取得時に "NSS error -5961" または "curl:(35) SSL connect error" のエラーで失敗する
Issue
- verbose を指定して curl を実行し、https URL を取得すると以下が表示されます。
[root@hostname ~]# curl -v https://example.com/test.txt
* About to connect() to example.com port 443 (#0)
* Trying 192.168.5.5... connected
* Connected to example.com (192.168.5.5) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error
または
# curl -v https://example.com
* Trying 10.X.X.X…
* TCP_NODELAY set
* Connected to example.com (10.X.X.X) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example:4903
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example.com:4903
Environment
- Red Hat Enterprise Linux 6.x
- Red Hat Enterprise Linux 7.x
- Red Hat Enterprise Linux 8.x
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
