因此,如果我尝试通过Google Chrome或wget连接到我的NodeJS Web服务器,则一切正常,并且网站通过https显示。但是,如果我尝试通过curl获取内容,它将执行该操作并显示以下内容:
* Added myhost.local:443:127.0.0.1 to DNS cache
* Rebuilt URL to: https://myhost.local/
* Hostname myhost.local was found in DNS cache
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to myhost.local (127.0.0.1) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to myhost.local:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to myhost.local:443
为简单起见,我更改了主机名。 SSL证书本身非常好并且值得信任。通过OpenSSL连接也可以。另外,这些是我在节点10上使用的密码:
ECDHE-ECDSA-AES256-GCM-SHA384:
ECDHE-RSA-AES256-GCM-SHA384:
ECDHE-ECDSA-CHACHA20-POLY1305:
ECDHE-RSA-CHACHA20-POLY1305:
ECDHE-ECDSA-AES128-GCM-SHA256:
ECDHE-RSA-AES128-GCM-SHA256:
ECDHE-ECDSA-AES256-SHA384:
ECDHE-RSA-AES256-SHA384:
ECDHE-ECDSA-AES128-SHA256:
ECDHE-RSA-AES128-SHA256:
!aNULL:
!eNULL:
!EXPORT:
!DES:
!RC4:
!3DES:
!MD5:
!PSK
那我该如何解决甚至解决这个问题?