wget + nginx + ssl

Igor Sysoev is at rambler-co.ru
Thu Sep 10 17:47:46 MSD 2009


On Thu, Sep 10, 2009 at 11:02:04AM +0300, Mihails wrote:

> 
> Запускаю : " wget -d --certificate=/home/client.crt
> https://192.168.1.210"
> Connecting to 192.168.1.210|192.168.1.210|:443... connected.
> Created socket 3.
> Releasing 0x09456c98 (new refcount 1).
> Initiating SSL handshake.
> SSL handshake failed.
> OpenSSL: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert
> handshake failure
> Closed fd 3
> Unable to establish SSL connection.
> После чего пришёл к выводу,что через
> wget не происходит соединение.

Что в error_log nginx' на info уровне ?

-       ssl_client_certificate  client.crt;
+       ssl_client_certificate  ca.crt;

У меня wget с этим набором сертификатов соединялся только в таком случае:

wget -d --no-check-certificate
        --certificate=client.crt
        --private-key=client.key

Для

wget -d --ca-certificate=ca.crt
        --certificate=client.crt
        --private-key=client.key

Выдавалось

Initiating SSL handshake.
Handshake successful; connected socket 3 to SSL handle 0x0808fa00
certificate:
  subject: ...
  issuer:  ...
ERROR: Certificate verification error for t42: self signed certificate
To connect to localhost insecurely, use `--no-check-certificate'.
Closed 3/SSL 0x808fa00
Unable to establish SSL connection.


-- 
Игорь Сысоев
http://sysoev.ru





More information about the nginx-ru mailing list