服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 如何对特定服务器执行HTTPS请求?
Intereting Posts
Web服务器的高可用性和复制 批量添加/删除/从SBS2003 POP3连接器帐户 防止磁盘损坏数据的最佳做法 Solaris:如何列出每个进程的交换空间? VSFTPD – Linux(CentOS 5) – 制作一个dir FTP根目录 如何为OSX Mountain LionconfigurationDNS查找? Exchange 2007/2010可以创build传输规则以防止电子邮件转发? 任何非定制的方式来pipe理与fail2ban和libvirt + kvm的iptables? 我应该部署哪个打印驱动程序? 什么是打印驱动程序能够? 当将Windows服务器移动到另一个域时,我们应该注意什么 Apache2无法安装 本地DNS和Apache服务器configuration干扰 – example.com / www.example.com Windows 2003服务器SCSI卡不可用:如何从SCSI启动到PATA? 获取新服务器以运行ESXi和SAN / NAS 如何更改作曲者的默认超时configuration文件

如何对特定服务器执行HTTPS请求?

我想在将它们添加到负载平衡器之前检查特定的服务器。 负载平衡器只是在TCP级别转发到实例,实例正在处理SSL握手。 问题是我无法获得SSL握手的工作。

目前正在尝试使用curl请求: 

 » curl "https://api.filestage.io/ping" --resolve "api.filestage.io:443:52.58.200.141" -v -I * Added api.filestage.io:443:52.58.200.141 to DNS cache * Hostname api.filestage.io was found in DNS cache * Trying 52.58.200.141... * TCP_NODELAY set * Connected to api.filestage.io (52.58.200.141) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.filestage.io:443 * stopped the pause stream! * Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to api.filestage.io:443

如果我尝试对负载平衡器(没有解决标志)的请求,那么我得到一个成功的响应: 

 » curl "https://api.filestage.io/ping" -v -I * Trying 52.28.99.28... * TCP_NODELAY set * Connected to api.filestage.io (52.28.99.28) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH * successfully set certificate verify locations: * CAfile: /etc/ssl/certs/ca-certificates.crt CApath: none * TLSv1.2 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS change cipher, Client hello (1): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.filestage.io * start date: Sep 7 00:00:00 2016 GMT * expire date: Sep 7 23:59:59 2017 GMT * subjectAltName: host "api.filestage.io" matched cert's "*.filestage.io" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA * SSL certificate verify ok. > HEAD /ping HTTP/1.1 > Host: api.filestage.io > User-Agent: curl/7.54.0 > Accept: */* > < HTTP/1.1 200 OK HTTP/1.1 200 OK < Access-Control-Allow-Credentials: true Access-Control-Allow-Credentials: true < Access-Control-Allow-Origin: undefined Access-Control-Allow-Origin: undefined < Access-Control-Allow-Methods: GET,PUT,POST,DELETE Access-Control-Allow-Methods: GET,PUT,POST,DELETE < Access-Control-Allow-Headers: Content-Type, Accept Access-Control-Allow-Headers: Content-Type, Accept < Cache-Control: no-cache, no-store, must-revalidate Cache-Control: no-cache, no-store, must-revalidate < Pragma: no-cache Pragma: no-cache < Expires: 0 Expires: 0 < X-DNS-Prefetch-Control: off X-DNS-Prefetch-Control: off < X-Frame-Options: SAMEORIGIN X-Frame-Options: SAMEORIGIN < Strict-Transport-Security: max-age=15552000; includeSubDomains Strict-Transport-Security: max-age=15552000; includeSubDomains < X-Download-Options: noopen X-Download-Options: noopen < X-Content-Type-Options: nosniff X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block X-XSS-Protection: 1; mode=block < Content-Type: application/json; charset=utf-8 Content-Type: application/json; charset=utf-8 < Content-Length: 6 Content-Length: 6 < ETag: W/"6-mjpCz9K3x3LxXfhnNpzLeg" ETag: W/"6-mjpCz9K3x3LxXfhnNpzLeg" < set-cookie: fstg_sid=s%3AUdiZR7MEERHtfRcNooV82ek-UrAL7XtG.sYHes4MGaaqLWdMZptF7LW%2FVplTrWkSCCZMMqOleUyY; Domain=.filestage.io; Path=/; Expires=Tue, 25 Jul 2017 10:57:42 GMT; HttpOnly; Secure set-cookie: fstg_sid=s%3AUdiZR7MEERHtfRcNooV82ek-UrAL7XtG.sYHes4MGaaqLWdMZptF7LW%2FVplTrWkSCCZMMqOleUyY; Domain=.filestage.io; Path=/; Expires=Tue, 25 Jul 2017 10:57:42 GMT; HttpOnly; Secure < Vary: Accept-Encoding Vary: Accept-Encoding < Date: Tue, 18 Jul 2017 10:57:42 GMT Date: Tue, 18 Jul 2017 10:57:42 GMT < Connection: keep-alive Connection: keep-alive < * Connection #0 to host api.filestage.io left intact

我得到的错误是不给我任何线索,任何想法,我怎么能得到更多关于什么是错的信息?