git SSL23_GET_SERVER_HELLO:sslv3 警报握手失败
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/31113039/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
提问by maestromani
i just installed new version of gitlab, after new installation ssl is not working... it throws SSL23_GET_SERVER_HELLO:sslv3 alert handshake error. ssh is working fine. only difference i see is in old browser says it is using TLS 1.0 and in new version it says 1.2. Since this is nothing to do with gitlab i posting the problem in stackoverflow...
我刚刚安装了新版本的 gitlab,在新安装后 ssl 不起作用......它抛出 SSL23_GET_SERVER_HELLO:sslv3 警报握手错误。ssh 工作正常。我看到的唯一区别是旧浏览器说它使用 TLS 1.0,而在新版本中它说 1.2。由于这与 gitlab 无关,因此我在 stackoverflow 中发布了问题...
$ git clone https://gitlabserver/group/project.git
Cloning into 'project'...
* Couldn't find host gitlabserver in the _netrc file; using defaults
* Adding handle: conn: 0x282d6f8
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x282d6f8) send_pipe: 1, recv_pipe: 0
* About to connect() to gitlabserver port 443 (#0)
* Trying gitlabserver...
* Connected to gitlabserver port 443 (#0)
* successfully set certificate verify locations:
* CAfile: c:/Users/lanid/curl-ca-bundle.crt
CApath: none
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Closing connection 0
fatal: unable to access 'https://gitlabserver/group/project.git/': error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Here is OpenSSL s_clientoutput while testing with TLS 1.0 and SNI:
这是s_client使用 TLS 1.0 和 SNI 进行测试时的OpenSSL输出:
openssl s_client -connect <hostname>:<port> -tls1 -servername <hostname>
Loading 'screen' into random state - done
CONNECTED(00000208)
8008:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:.\ssl\s3_pkt.c:1126:SSL alert number 40
8008:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:547:
Same command for another server with same setup but old version works file...
具有相同设置但旧版本工作文件的另一台服务器的相同命令...
采纳答案by maestromani
Upgrading openssl resolved this issue...
升级 openssl 解决了这个问题...
回答by Dharmaraj Kavatagi
If you facing this issue on Git Client.
如果您在 Git 客户端上遇到此问题。
Then install latest version of Git bash.
然后安装最新版本的 Git bash。
I faced the same issue and resolved installing the new Git Client.
我遇到了同样的问题并解决了安装新 Git 客户端的问题。
回答by propMaster
An upgrade of OpenSSL should resolve your issues.
升级 OpenSSL 应该可以解决您的问题。
OpenSSL has had some serious vulnerabilities exposed of late. As well, many web servers around the web have tightened up security to block those vulnerable protocols and ciphers.
OpenSSL 最近暴露了一些严重的漏洞。同样,网络上的许多网络服务器都加强了安全性以阻止那些易受攻击的协议和密码。
