curl 35 error 1408F10B SSL routines ssl3 get record wrong version number

Question

When I try to connect to any server  e g  google com  using curl  or libcurl  I get the error message      curl   35  error 1408F10B SSL routines ssl3 get record wrong version number   Verbose output     curl www google com --verbose     Rebuilt URL to  www google com      Uses proxy env variable no proxy     localhost 127 0 0 1 localaddress  localdomain com      Uses proxy env variable http proxy     https   proxy in tum de 8080        Trying 131 159 0 2        TCP NODELAY set     Connected to proxy in tum de  131 159 0 2  port 8080   0      successfully set certificate verify locations        CAfile   etc ssl certs ca-certificates crt     CApath  none     TLSv1 3  OUT   TLS handshake  Client hello  1       error 1408F10B SSL routines ssl3 get record wrong version number     Closing connection 0   curl   35  error 1408F10B SSL routines ssl3 get record wrong version number      For some reason curl seems to use TLSv1 3 even if I force it to use TLSv1 2 with the command --tlsv1 2   it will still print TLSv1 3  OUT         I am using the newest version of both Curl and OpenSSL      curl -V   curl 7 61 0-DEV  x86 64-pc-linux-gnu  libcurl 7 61 0-DEV OpenSSL 1 1 1 zlib 1 2 8   Release-Date   unreleased    Protocols  dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp   Features  AsynchDNS IPv6 Largefile NTLM NTLM WB SSL libz TLS-SRP UnixSockets HTTPS-proxy     I think this is a problem related to my installation of the programms  Can somebody explain to me what this error message means

User · Answer

Simple answer  If you are behind a proxy server  please set the proxy for curl  The curl is not able to connect to server so it shows wrong version number   Set proxy by opening subl    curlrc or use any other text  editor  Then add the following line to file  proxy  proxyserver proxyport For e g  proxy   10 8 0 1 8080  If you are not behind a proxy  make sure that the curlrc file does not contain the proxy settings

User · Answer

Uses proxy env variable http proxy     https   proxy in tum de 8080                                                       The https    is wrong  it should be http     The proxy itself should be accessed by HTTP and not HTTPS even though the target URL is HTTPS  The proxy will nevertheless properly handle HTTPS connection and keep the end-to-end encryption  See HTTP CONNECT method for details how this is done

User · Answer

If anyone is getting this error using Nginx  try adding the following to your server config   server       listen 443 ssl              The issue stems from Nginx serving an HTTP server to a client expecting HTTPS on whatever port you re listening on  When you specify ssl in the listen directive  you clear this up on the server side

User · Answer

More simply in one line  proxy 192 168 2 1 8080 curl -v example com eg   proxy 192 168 2 1 8080 curl -v example com xxxxxxxxx-ASUS    proxy 192 168 2 1 8080 curl -v https   google com head -c 15    Total      Received   Xferd  Average Speed   Time    Time     Time  Current Dload  Upload   Total   Spent    Left  Speed 0     0    0     0    0     0      0      0 -- -- -- -- -- -- -- -- --     0  Trying 172 217 163 46 443    TCP NODELAY set Connected to google com  172 217 163 46  port 443   0  ALPN  offering h2 ALPN  offering http 1 1 successfully set certificate verify locations  CAfile   etc ssl certs ca-certificates crt CApath   etc ssl certs    5 bytes data  TLSv1 3  OUT   TLS handshake  Client hello  1      512 bytes data

[ssl] curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

Examples related to ssl

Examples related to curl