尽管 Google 上有很多结果,但似乎没有一个给出答案。我有一个 Debian 盒子,我可以在其中执行此操作:
# curl https://localhost/api/v1/status --verbose
* About to connect() to localhost port 443 (#0)
* Trying ::1...
* connected
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Closing connection #0
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
我无法通过未知协议(protocol)。我已经尝试过 -ssl -sslv3 但他们让我无处可去。实际上,-sslv3 得到的结果略有不同:
s# curl https://localhost/api/v1/status --verbose -sslv3
* About to connect() to localhost port 443 (#0)
* Trying ::1...
* connected
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
* Closing connection #0
我的虚拟主机配置如下(片段):
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM
SSLCertificateFile /etc/apache2/ssl.key/xxx/ssl.cert
SSLCertificateKeyFile /etc/apache2/ssl.key/xxx/xxx.xxx.key
# Server Certificate Chain:
SSLCertificateChainFile /etc/apache2/ssl.key/sub.class1.server.ca.pem
# Certificate Authority (CA):
SSLCACertificateFile /etc/apache2/ssl.key/ca.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
如有任何帮助,我们将不胜感激。
编辑:更新 我想我发现了我自己的问题!
虚拟主机绑定(bind)到外部接口(interface),curl 试图通过本地主机连接。所以它永远不会在配置的虚拟主机上结束。
为了解决这个问题,我创建了一个绑定(bind)到 127.0.0.1:80 的新 VirtualHost 条目,它只允许来自本地主机的连接。就我的目的而言,这就足够了。
最佳答案
虽然不是 OP 的情况,但当您不小心尝试使用 HTTPS 调用 HTTP 服务器时,通常在本地开发期间会出现 cURL 中的错误“Unknown protocol”。
只是提一下,以防有人谷歌这个错误并登陆这里。
curl :(35) 错误:140770FC:SSL 例程:SSL23_GET_SERVER_HELLO:未知协议(protocol)
关于apache - curl 返回 "Unknown protocol",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58206193/