Cronjob SSL problem
Dear friends,
I've got a problem with my cronjobs connecting to an SSL page using wget / curl and can't figure out the problem. The website is running without any problems with the SSL certificate.
When trying to run a cronjob to an SSL secured page I get the error:
So I checked SSH OpenSSL connection to port 443:
When I try Curl:
The same with the hostname url:
There is a difference between the two ip adresses (IPv4 and IPv6) but the connection is OK. Does anybody have a idea why this error showing up?
OpenSSL: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol Unable to establish SSL connection.So I checked SSH OpenSSL connection to port 443:
CONNECTED(00000003)
139924839712584:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 247 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
When I try Curl:
* About to connect() to www.example.nl port 443 (#0)
* Trying 2a01:7c8:abc9:3d5::1... connected
* Connected to www.server.nl (2a01:7c8:abc9:3d5::1) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* NSS error -12263
* Closing connection #0
* SSL connect error
curl: (35) SSL connect errorThe same with the hostname url:
* About to connect() to server.server.nl port 443 (#0)
* Trying 149.999.189.86... connected
* Connected to server.laenenmusic.nl (149.999.189.86) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=server.server.nl,OU=PositiveSSL,OU=Domain Control Validated
ETC
There is a difference between the two ip adresses (IPv4 and IPv6) but the connection is OK. Does anybody have a idea why this error showing up?
-
I had a problem with similar symptoms about a week ago. I noticed it when calls to WordPress update server (also wget https) were failing with the same error. While I cant say exactly how the issue is caused, I suspected it may be with the bind server. My bind was set up as a caching nameserver and I suspected problem with cached dns lookups I ran the cmd... rndc flush
to flush the cache. Then restarted bind with the cmd.../usr/local/cpanel/scripts/restartsrv_named
or use the WHM interface to do the restart. After these actions the https wget requests started succeeding again. Maybe the restart of named may have been enough (I cant reproduce the issue once its fixed so I cant test that.)0 -
Hello, Can you verify if the information in the previous post helps? Thank you. 0 -
Thanks Fuzzy for you answer, I tried what did help you but without success.... When I use: rndc flush
The respons is: WARNING: key file (/etc/rndc.key) exists, but using default configuration file (/etc/rndc.conf) Maybe this is part of the problem... I don't know. I forgot to mention, but the problem started when we updated from EasyApache3 to EasyApache4. Any Idea how to solve the warning? Thanks0 -
Hello Nick, Could you open a support ticket using the link in my signature so we can take a closer look? Thank you. 0
Please sign in to leave a comment.
Comments
4 comments