8

I'm attempting to retrieve a resource using wget, however I keep receiving the following error: 

Unable to establish SSL connection.

I've tried the following commands:

wget -d https://resourcesource.com/spring-boot-starter-parent-2.0.0.RELEASE.pom 
wget --no-check-certificate -d https://resourcesource.com/spring-boot-starter-parent-2.0.0.RELEASE.pom

And neither has worked.

Detailed logs:

Resolving resourcesource.com (resourcesource.com)... {ip address}
Caching resourcesource.com => {ip address}
Connecting to resourcesource.com 
(resourcesource.com)|{ip address}:443... connected.
Created socket 3.
Releasing 0x000055c98ca7a8d0 (new refcount 1).
Initiating SSL handshake.
SSL handshake failed.
Closed fd 3
Unable to establish SSL connection.
Saving HSTS entries to /root/.wget-hsts

I'm running this from a docker container. If I try accessing the resource through my machine, I'm able to get to it.

Any advice on resolving this is greatly appreciate it.

Thank you.

afontalv
  • 313
  • 1
  • 4
  • 12
  • If you gave the true URL people could have helped you better. Hence downvote. – Patrick Mevzek May 11 '18 at 15:41
  • 3
    The URL is an internal company site, so even if I had given it to you, you wouldn't have been able to get to it. – afontalv May 11 '18 at 18:28
  • You could have at least given details about the server certificate... maybe your client does not trust its CA. Your question still lacks a lot of details: OS version, wget version, server type/configuration, etc. Did you try other clients? `curl` ? `openssl s_client` ? etc. Remember that his site is not just for you to solve your own problems but later on for people to use answers as help. Also you are offtopic here, try ServerFault instead or SuperUser. – Patrick Mevzek May 11 '18 at 18:32

2 Answers2

1

This is most likely due to a TLS version mismatch from client to server-side. Have a look here:

Unable to establish SSL connection upon wget on Ubuntu 14.04 LTS

EDIT: Upon further digging into the problem, it could also be because of a wrong system time or an old version of wget.

n00ne
  • 239
  • 1
  • 7
  • Thanks for the feedback, I have tried connecting to the resource with curl and openssl. With openssl, I get the following error: SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177 – afontalv May 11 '18 at 14:14
  • have you tried setting the used protocol version with "-tls1 -no_tls1_1 no_tls1_2"? If i do this from my box, i can successfully connect with TLS1 and TLS1.2, but not with TLS1.1. You could try to connect from your docker container with openssl. If successful for one version (start with TLS1), use that in wget with --secure-protocol=TLSv1 – n00ne May 11 '18 at 14:22
  • also for more details on OS versions, look here: https://serverfault.com/questions/389197/ssl-routinesssl23-writessl-handshake-failure – n00ne May 11 '18 at 14:24
1

This command solved my problem---> sudo yum update wget

jyothsna reddy
  • 11
  • 3