[issue11220] https sslv3 error 14077417: illegal parameter

Ian Wetherbee report at bugs.python.org
Wed Feb 16 10:10:46 CET 2011 

Ian Wetherbee <ian.wetherbee at gmail.com> added the comment:

The server seems to be sending a bad TLS handshake, so curl falls back on SSLv3 with TLS disabled.

curl 7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 zlib/1.2.3 libidn/1.16 libssh2/1.2.4
Protocols: dict file ftp ftps http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smtp smtps telnet tftp 
Features: AsynchDNS GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz 

curl -v https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse
* About to connect() to ui2web1.apps.uillinois.edu port 443 (#0)
*   Trying 64.22.183.24... connected
* Connected to ui2web1.apps.uillinois.edu (64.22.183.24) port 443 (#0)
* Initializing NSS with certpath: /etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* NSS error -12226
* Error in TLS handshake, trying SSLv3...
> GET /BANPROD1/bwskfcls.P_GetCrse HTTP/1.1
> User-Agent: curl/7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 zlib/1.2.3 libidn/1.16 libssh2/1.2.4
> Host: ui2web1.apps.uillinois.edu
> Accept: */*
> 
* Connection died, retrying a fresh connect
* Closing connection #0
* Issue another request to this URL: 'https://ui2web1.apps.uillinois.edu/BANPROD1/bwskfcls.P_GetCrse'
* About to connect() to ui2web1.apps.uillinois.edu port 443 (#0)
*   Trying 64.22.183.24... connected
* Connected to ui2web1.apps.uillinois.edu (64.22.183.24) port 443 (#0)
* TLS disabled due to previous handshake failure
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using SSL_RSA_WITH_RC4_128_MD5
* Server certificate:
* 	subject: CN=ui2web1.apps.uillinois.edu,OU=AITS 20100517-25690,O=University of Illinois,L=Urbana,ST=Illinois,C=US
* 	start date: May 17 00:00:00 2010 GMT
* 	expire date: May 17 23:59:59 2011 GMT
* 	common name: ui2web1.apps.uillinois.edu
* 	issuer: E=premium-server at thawte.com,CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA
> GET /BANPROD1/bwskfcls.P_GetCrse HTTP/1.1
> User-Agent: curl/7.20.1 (x86_64-redhat-linux-gnu) libcurl/7.20.1 NSS/3.12.8.0 zlib/1.2.3 libidn/1.16 libssh2/1.2.4
> Host: ui2web1.apps.uillinois.edu
> Accept: */*
> 
< HTTP/1.1 302 Found
< Date: Wed, 16 Feb 2011 07:49:43 GMT
< Server: Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server
< Location: https://apps.uillinois.edu/selfservice/error/
< Connection: close
< Transfer-Encoding: chunked
< Content-Type: text/html; charset=iso-8859-1
< 
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>302 Found</TITLE>
</HEAD><BODY>
<H1>Found</H1>
The document has moved <A HREF="https://apps.uillinois.edu/selfservice/error/">here</A>.<P>
<HR>
<ADDRESS>Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Server at ui2web1b.admin.uillinois.edu Port 443</ADDRESS>
</BODY></HTML>
* Closing connection #0

----------

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue11220>
_______________________________________

More information about the Python-bugs-list mailing list