4

I get data via several proxys from external site (let it be fictional NotMySite.ru) with cURL PHP on virtual hosting. Some proxys worked nice, but some can't get data with error in topic.

See full log:

*   Trying 45.15.237.221...
* TCP_NODELAY set
* Connected to 45.15.237.221 (45.15.237.221) port 5500 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to NotMySite.ru:443
* Proxy auth using Basic with user 'MGdfnF'
> CONNECT NotMySite.ru:443 HTTP/1.1
Host: NotMySite.ru:443
Proxy-Authorization: Basic TUdkZm5GOkJMTWRnZElONmw=
Proxy-Connection: Keep-Alive

< HTTP/1.0 200 Connection established
< 
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to NotMySite.ru:443 
* Closing connection 0

Googling gave me several options to fix the situation, but nothing helped.

I tried different options cURL for disable any SSL verifys and similar, e.c.:

CURLOPT_SSL_VERIFYHOST => false //all proxy not worked
CURLOPT_SSL_VERIFYPEER false
CURLOPT_SSLVERSION => 3 //all proxy not worked
CURLOPT_SSL_VERIFYSTATUS => false

Nothing helps..what other options?

Роман Высоцкий
  • 41
  • 1
  • 1
  • 3
  • 1
    The error is not about certificate validation, so any attempts to solve it by switching certificate validation off will not help. There are many reasons why such error can happen, like wrong domain name, proxy blocking connections, server not or incorrectly setup for HTTPS, no shared ciphers ... . Without having the real domain name you are trying to reach it is impossible to further debug the problem. But you might check the domain in question with [SSLLabs](https://www.ssllabs.com/ssltest/analyze.html) and see if it shows some obvious problems. – Steffen Ullrich Mar 25 '22 at 07:13
  • Note also that the `Proxy-Authorization: Basic ...` line contains the username and password for the proxy (in base64). You might want to edit your question to hide it. – Steffen Ullrich Mar 25 '22 at 07:16
  • Full error (with domain name) is "OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to dkbm-web.autoins.ru:443". – Роман Высоцкий Mar 28 '22 at 11:47
  • Don't worry for username and password for the proxy - it's temporary proxy – Роман Высоцкий Mar 28 '22 at 11:48
  • I tryed verivy domain with SSLLabs ang get "Assessment failed: Unable to connect to the server" – Роман Высоцкий Mar 28 '22 at 11:52

0 Answers0