[gnutls-devel] Unable to connect to https server using wget/curl with gnutls (or openssl)
Nikos Mavrogiannopoulos
nmav at gnutls.org
Thu Dec 20 09:49:56 CET 2012
On Wed, Dec 19, 2012 at 11:05 PM, Burton Samograd <burton at samograd.ca> wrote:
> Hello,
>
> I am having problems connecting to an HTTPS server using gnutls through
> wget, curl and emacs. I have contacted the company and they claim that
> it must be a problem with my SSL implementation, so I am looking into
> it. I would like to not that this problem is not specific to gnutls; I
> have built a version of curl that uses only libssl (openssl) and I still
> have problems connecting to their server.
>
> Starting from the beginning, when I try to connect to their server using
> wget I get a 'Unable to establish SSL connection'::
> ===================================================================================
>
> Looking further I used gnutls-cli:
> ===================================================================================
> ~ $ gnutls-cli -d 4 demoweb.efxnow.com
> I found that "A TLS packet with unexpected length was recieved." could
> also mean that the other side forcibly closed the connection.
It most probably mean that their implementation doesn't understand
extensions or so.
> Finally with gnutls-cli-debug:
>
> ===================================================================================
> ~ $ gnutls-cli-debug -d 4 demoweb.efxnow.com
This should have been less verbose.
> Checking whether %COMPAT is required... yes
It means that you should use gnutls-cli --priority NORMAL:%COMPAT in
order to connect to this server. This server probably cannot parse
random padding or so. This is common in custom new implementations.
regards,
Nikos
More information about the Gnutls-devel
mailing list