curl fails with "NSS error -5961" or "curl: (35) SSL connect error" on retrieving a https URL

Solution Verified - Updated -

Issue

  • A verbose curl to a https URL shows the below:

    [root@hostname ~]# curl -v https://example.com/test.txt
* About to connect() to example.com port 443 (#0)
*   Trying 192.168.5.5... connected
* Connected to example.com (192.168.5.5) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -5961
* Closing connection #0
* SSL connect error
curl: (35) SSL connect error

    or

    # curl -v  https://example.com
*   Trying 10.X.X.X…
* TCP_NODELAY set
* Connected to example.com (10.X.X.X) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example:4903
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to example.com:4903

Environment

  • Red Hat Enterprise Linux 6.x
  • Red Hat Enterprise Linux 7.x
  • Red Hat Enterprise Linux 8.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content