curl error 35 : failed to receive handshake, SSL/TLS connection failed

Asked 19/10, 2020 at 11:50 Answered 25/5, 2022 at 23:18

When I try to execute this curl command :

curl -v --key some_key_file.key --cert certificate_file.pem --show-error --header "Content-Type: application/json;charset=UTF-8" https://some-api/service

I get the following error : curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

And the full execution log :

I have searched this error online and haven't found anyone explaining what it really meant.

Do you have any idea what the source cause could be ?
And do you know if there is a way to get more information about the error ?

Tractarianism answered 19/10, 2020 at 11:50 Comment(3)

Please don't post text as images. As for your problem: hard to tell just based on this output but maybe the server simply is not properly configured to support HTTPS on this port. But might also be some DPI firewall blocking the traffic. Did you try with another client (like a browser) from exactly the same system and did you succeed? – Cominform 19/10, 2020 at 13:21

@Steffen I tried putting the URL on Chrome but obviously the connection is refused because I can't provide my specific certificate. – Tractarianism 19/10, 2020 at 13:32

It is possible to use import client certificates with Chrome, i.e. you should be able to import it for testing. – Cominform 19/10, 2020 at 15:5

The problem was with my curl version which for some reason didn't accept the arguments --cert and --key.

To solve the problem, I installed a completely new curl version and ran it from the installation folder and it worked.

Tractarianism answered 11/11, 2020 at 16:15 Comment(0)

Run the command from the path where you have curl package. if you place in c:\curl goto this path and run the curl command it will work.

Podiatry answered 11/8, 2021 at 10:43 Comment(0)

This error happens when you are behind a 7 layer firewall (i.e Palo Alto) that Allow SSL connections only via application, so you have to configure 2 rules in such solution.

Allow 443 or whatever port with higher priority
Allow Application SSL with lower priority

Faceoff answered 25/5, 2022 at 23:18 Comment(0)

I also try installing latest curl (given below) but it didn't solve my issue.

curl 7.77.0 (x86_64-pc-win32) libcurl/7.77.0 OpenSSL/1.1.1k (Schannel) zlib/1.2.11 brotli/1.0.9 zstd/1.5.0 libidn2/2.3.1 libssh2/1.9.0 nghttp2/1.43.0 libgsasl/1.10.0 Release-Date: 2021-05-26 Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL SSPI TLS-SRP Unicode UnixSockets zstd

Maroc answered 1/7, 2021 at 6:21 Comment(0)

Recommended topics

Hot tags