I’ve used curl as a debugging tool for a long time. But time moves on and my testing system didn’t. So now for the first time I saw an error that is produced by this situation, and I will explain it.
$ curl ‐i ‐k https://julialang.org/
curl: (35) error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version
$ curl ‐help
... -2/--sslv2 Use SSLv2 (SSL) -3/--sslv3 Use SSLv3 (SSL) ... -1/--tlsv1 Use TLSv1 (SSL) ...
Compare this to a server which I’ve kept up-to-date with openssl and curl:
... -2/--sslv2 Use SSLv2 (SSL) -3/--sslv3 Use SSLv3 (SSL) ... -1/--tlsv1 Use => TLSv1 (SSL) --tlsv1.0 Use TLSv1.0 (SSL) --tlsv1.1 Use TLSv1.1 (SSL) --tlsv1.2 Use TLSv1.2 (SSL) ...
On this server I can fetch the home page with curl.
So it appears the older system does not have a compatible version of TLS. To confirm this use SSLLABS. We see this:
Sure enough, only TLS 1.2 is supported by the server, and my poor old curl doesn’t have that! Too bad for me, but it shows it’s time to upgrade.
A TLS version error is explained, as well as the way it came about.