I got the exact same response from curl when trying to connect with an ubuntu instance running openssl 1.0.0e. I successfully resolved the problem by adding the -ssl3flag to the curl command.

尝试连接运行 openssl 1.0.0e 的 ubuntu 实例时，我从 curl 得到了完全相同的响应。我通过在 curl 命令中添加-ssl3标志成功解决了这个问题。

It seems that it's a compatibility problem between older version of OpenSSL (0.9.8) acting as a client and recent OpenSSL version (1.0.0) acting as a server with some specific options used by Curl on client side and Apache on server side.

似乎这是旧版本的 OpenSSL (0.9.8) 充当客户端和最近的 OpenSSL 版本 (1.0.0) 充当服务器之间的兼容性问题，其中 Curl 在客户端和 Apache 在服务器端使用了一些特定选项。

It's probably due to some recent security fix in OpenSSL (probably the one against protocol downgrade attacks).

这可能是由于 OpenSSL 中最近的一些安全修复（可能是针对协议降级攻击的修复）。

Try upgrading the OpenSSL library version on the client side to 1.0.0.

尝试将客户端的 OpenSSL 库版本升级到 1.0.0。

See:

看：

https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3395520&group_id=976

https://sourceforge.net/tracker/?func=detail&atid=100976&aid=3395520&group_id=976

In case anyone has this issue with XMLRPC.

如果有人在 XMLRPC 上遇到这个问题。

Daniel's answer (forcing SSL version 3) solved the issue for me. just specify XMLRPC_SSLVERSION_SSLv3 in the clientXmlTransport_curl options (C++).

Daniel 的回答（强制使用 SSL 版本 3）为我解决了这个问题。只需在 clientXmlTransport_curl 选项 (C++) 中指定 XMLRPC_SSLVERSION_SSLv3。

The problem began when we upgraded our server to OpenSSL version 1.0.1-4ubuntu5.5 and the clients were still running 0.9.8o-5ubuntu1.7.

当我们将服务器升级到 OpenSSL 版本 1.0.1-4ubuntu5.5 并且客户端仍在运行 0.9.8o-5ubuntu1.7 时，问题就开始了。

Not sure if I had exactly the same problem, but the error message was the same. It only seemed to be happening on the ubuntu box I set up a git server on, for some reason the centos box with a git server set up on it was fine.

不确定我是否遇到了完全相同的问题，但错误消息是相同的。它似乎只发生在我设置了 git 服务器的 ubuntu 机器上，出于某种原因，设置了 git 服务器的 centos 机器很好。

I only just solved it after 3 or 4 days. It turns out to be because git's underlying Curl library has a broken Keep-alive implementation (I ended up dumping HTTP traffic and verifying the behaviour by hand).

我只是在 3 或 4 天后才解决它。原来是因为 git 的底层 Curl 库有一个损坏的 Keep-alive 实现（我最终转储了 HTTP 流量并手动验证了行为）。

In a nutshell Curl (at least the version used inside every Git implementation I could find, including command line git and eclipse's EGit) doesn't seem to correctly interpret the Connection response header, or more correctly doesn't seem to correctly interpret the absence of it.

简而言之，Curl（至少在我能找到的每个 Git 实现中使用的版本，包括命令行 git 和 eclipse 的 EGit）似乎没有正确解释连接响应头，或者更正确地似乎没有正确解释缺失其中。

To fix the problem you need to configure the SSL virtual host inside the apache that is serving your GIT repository with an extra directive specifically for git. Add these lines just before the </VirtualHost>.

要解决此问题，您需要在 apache 中配置 SSL 虚拟主机，该主机为您的 GIT 存储库提供专门针对 git 的额外指令。在 </VirtualHost> 之前添加这些行。

 BrowserMatch "git" nokeepalive ssl-unclean-shutdown

You unfortunately can't tell apache to just downgrade to HTTP/1.0 (would be cleaner) because Curl can't handle that, but you can just tell it to force a Connection:close on every request which Curl does know how to handle.

不幸的是，您不能告诉 apache 只降级到 HTTP/1.0（会更干净），因为 Curl 无法处理它，但是您可以告诉它强制 Connection:close 对 Curl 知道如何处理的每个请求进行连接。

In a misleading coincidence, if you try to test Curl directly without this change it will seem to work, because it makes a single request and then aborts. Only by getting curl to execute two requests on the same keep-alive connection over ssl will this problem become apparent.

巧合的是，如果您尝试在没有此更改的情况下直接测试 Curl，它似乎会起作用，因为它发出单个请求然后中止。只有让 curl 通过 ssl 在同一个 keep-alive 连接上执行两个请求，这个问题才会变得明显。

I believe this is a host-name matching issue on the server. Error 1112 is SSL_R_TLSV1_UNRECOGNIZED_NAME, and comes from an SNI name mismatch (info on SNI). I was having the same issue in curl.

我相信这是服务器上的主机名匹配问题。错误 1112 是 SSL_R_TLSV1_UNRECOGNIZED_NAME，来自 SNI 名称不匹配（关于 SNI 的信息）。我在 curl 中遇到了同样的问题。

For me, the work around was to make sure the name I used on the client matched one of the ServerName or ServerAlias configurations on the server. Of course, these commands are for an apache server; I don't know what you need to do for a git server. But I suspect the server names you're using from home and work are different, and the home name is the cannonical name the git server is using (and therefore SNI is working).

对我来说，解决方法是确保我在客户端上使用的名称与服务器上的 ServerName 或 ServerAlias 配置之一匹配。当然，这些命令是针对 apache 服务器的；我不知道您需要为 git 服务器做什么。但我怀疑您在家中和工作中使用的服务器名称不同，并且家庭名称是 git 服务器正在使用的规范名称（因此 SNI 正在工作）。

The 'real' fix will probably take a client change in git to allow a way to ignore the name-mismatch warning (the way your browser already does).

“真正的”修复可能会在 git 中进行客户端更改，以允许一种忽略名称不匹配警告的方法（您的浏览器已经这样做了）。

I had the same error. The root cause seems to be incompatibility of client/server openssl versions. I've upgraded my server with apt-get upgrade openssland upgraded my windows git installation.

我有同样的错误。根本原因似乎是客户端/服务器 openssl 版本不兼容。我已经升级了我的服务器apt-get upgrade openssl并升级了我的 Windows git 安装。

The combination of windows git client git version 1.9.4.msysgit.0, which contains openssl version: OpenSSL 0.9.8e 23 Feb 2007

windows git client 的组合 git version 1.9.4.msysgit.0，其中包含 openssl 版本： OpenSSL 0.9.8e 23 Feb 2007

And server with openssl version: OpenSSL 1.0.1c 10 May 2012

和具有 openssl 版本的服务器： OpenSSL 1.0.1c 10 May 2012

seems to work fine together.

似乎一起工作得很好。