libcurl gnutls_handshake() 失败:已收到 TLS 警告警报
我本质上是在尝试执行以下操作:
http://curl.haxx.se/libcurl/ c/https.html
我用 mod_ssl 设置了 apache 服务器和服务器证书。我添加了以下行:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
并尝试了:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
但我不断收到错误: gnutls_handshake() 失败:已收到 TLS 警告警报。
有谁知道谁来解决这个问题或解决这个问题?
I am essentially trying to do the following:
http://curl.haxx.se/libcurl/c/https.html
I have my apache server set up with mod_ssl and a server cert. I added the line:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
and also tried:
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, false);
but I keep getting the error: gnutls_handshake() failed: A TLS warning alert has been received.
Does anyone know who to fix this or get around it?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
意识到这个问题相当老了,并且一个答案已经被接受,这里有一个替代答案,它对我来说非常有效,并且可能对从搜索来到这里的人有用:
libcurl-gnutls替换为libcurl-openssl 替代方案。我注意到证书错误仅是使用 libcurl 的程序生成的,而不是浏览器生成的,因此我认为这里有关于 GNUTLS 的问题,而不是证书的问题。
这是对我有用的(Ubuntu 12.04 LTS):
在我替换库后,所有依赖 libcurl 的程序立即开始正常工作(为了以防万一,我还重新编译了程序)。
注意:仅当您收到 GNUTLS 警告而不是浏览器等警告时,此解决方案才会对您有所帮助。也就是说,我假设证书链实际上设置正确。
Realizing that the question is fairly old and one answer was already accepted, here is an alternative answer that worked perfectly for me and may be useful for folks coming here from search:
libcurl-gnutlswithlibcurl-opensslalternative.I noticed that the certificate error was only generated with programs using libcurl and not with browsers so I assumed that something about GNUTLS was at fault here and not the certificates.
Here is what worked for me (Ubuntu 12.04 LTS):
All programs that were relying on libcurl started working fine immediately after I replaced the libraries (I also recompiled the programs just in case).
Note: this solution will only help you if you get a warning with GNUTLS but not with, say, browsers. That is, I am assuming the certificate chain is actually set up correctly.
我尝试了上述解决方案,但这对我不起作用。在 python 中,我尝试了以下选项,该选项有效地强制使用 SSLv3 并禁用 TLS。
在 PHP 中,应该可以通过将 CURLOPT_SSLVERSION 选项设置为 3 来完成。
I attempted the above solution and that did not work for me. In python, I tried the following option which effectively forces SSLv3 and disables TLS.
in PHP it should be able to be accomplished by setting the
CURLOPT_SSLVERSIONoption to 3.您收到的“通常”警告意味着没有知名组织(证书颁发机构)愿意保证其真实性。这就是“通常”警告的含义,也是 TLS 警告告诉您的内容。
尝试将
CURLOPT_SSL_VERIFYHOST设置为 0 或安装正确的证书。That "usual" warning you get means there is no well-known organization (certificate authority) willing to vouch for its authenticity. That is what the "usual" warning means and that is what the TLS warning is telling you.
Try to set
CURLOPT_SSL_VERIFYHOSTto 0 or install a proper certificate.