开发者

libcurl gnutls_handshake() failed: A TLS warning alert has been received

开发者 https://www.devze.com 2023-02-28 16:46 出处:网络
I am essentially trying to do the following: http://curl.haxx.se/libcurl/c/https.html I have my apache server set up with mod_ssl and a server cert. I added the line:

I am essentially trying to do the following:

http://curl.haxx.se/libcurl/c/https.html

I have my apache server set up with mod_ssl and a server cert. I added the line:

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);

and also tried:

curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);

but I keep 开发者_如何学Cgetting the error: gnutls_handshake() failed: A TLS warning alert has been received.

Does anyone know who to fix this or get around it?


Realizing that the question is fairly old and one answer was already accepted, here is an alternative answer that worked perfectly for me and may be useful for folks coming here from search:

  • Replace libcurl-gnutls with libcurl-openssl alternative.

I noticed that the certificate error was only generated with programs using libcurl and not with browsers so I assumed that something about GNUTLS was at fault here and not the certificates.

Here is what worked for me (Ubuntu 12.04 LTS):

$ sudo apt-get remove libcurl4-gnutls-dev
$ sudo apt-get install libcurl4-openssl-dev 

All programs that were relying on libcurl started working fine immediately after I replaced the libraries (I also recompiled the programs just in case).

Note: this solution will only help you if you get a warning with GNUTLS but not with, say, browsers. That is, I am assuming the certificate chain is actually set up correctly.


I attempted the above solution and that did not work for me. In python, I tried the following option which effectively forces SSLv3 and disables TLS.

c.setopt(pycurl.SSLVERSION, pycurl.SSLVERSION_SSLv3)

in PHP it should be able to be accomplished by setting the CURLOPT_SSLVERSION option to 3.


That "usual" warning you get means there is no well-known organization (certificate authority) willing to vouch for its authenticity. That is what the "usual" warning means and that is what the TLS warning is telling you.

Try to set CURLOPT_SSL_VERIFYHOST to 0 or install a proper certificate.

0

精彩评论

暂无评论...
验证码 换一张
取 消