hat jemand eine Version von cURL mit OpenSSL 1.0.1 oder höher für die CCU2 ?
Die cURL/OpenSSL Version in CUxD 2.2 kann leider noch kein TLS1.2
(..TLS 1.2 support is from OpenSSL version 1.0.1.)
CCU cURL version:
Code: Alles auswählen
# /usr/local/addons/cuxd/extra/curl -V
curl 7.46.0 (arm-unknown-linux-gnu) libcurl/7.46.0 OpenSSL/1.0.0j zlib/1.2.7
Protocols: dict file ftp ftps gopher http https imap imaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
Features: IPv6 Largefile NTLM NTLM_WB SSL libz UnixSockets
Einige Server lassen https calls nur noch mit TLS 1.2 zu, wie hier zu sehen -
mit OpenSSL 1.0.0. geht es nicht mehr...
Code: Alles auswählen
# /usr/local/addons/cuxd/extra/curl https://api.coindesk.com/v1/bpi/currentprice.json --verbose
* Trying 52.85.246.20...
* Connected to api.coindesk.com (52.85.246.20) port 443 (#0)
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* TLSv1.0 (OUT), TLS handshake, Client hello (1):
* TLSv1.0 (IN), TLS alert, Server hello (2):
* error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
* Closing connection 0
curl: (35) error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
mit cURL+OpenSSL 1.0.1 gehts...
siehe: SSL connection using TLSv1.2
Code: Alles auswählen
curl https://api.coindesk.com/v1/bpi/currentprice.json -verbose
* Trying 143.204.192.41...
* TCP_NODELAY set
* Connected to api.coindesk.com (143.204.192.41) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/ssl/cert.pem
CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.coindesk.com
* start date: Nov 5 00:00:00 2018 GMT
* expire date: Dec 5 12:00:00 2019 GMT
* subjectAltName: host "api.coindesk.com" matched cert's "api.coindesk.com"
* issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fc6b1806600)
> GET /v1/bpi/currentprice.json HTTP/2
> Host: api.coindesk.com
> User-Agent: curl/7.54.0
> Accept: */*
> Referer: rbose
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
< HTTP/2 200
< content-type: application/javascript
< content-length: 673
< access-control-allow-origin: *
< cache-control: max-age=15
< date: Sat, 16 Mar 2019 08:51:55 GMT
< expires: Sat, 16 Mar 2019 08:52:07 UTC
< server: nginx/1.14.1
< x-powered-by: Fat-Free Framework
< x-cache: Miss from cloudfront
< via: 1.1 5eade7e5ebbbd665bf0f8d23a84cc713.cloudfront.net (CloudFront)
< x-amz-cf-id: Q9qjKaFflNC5FY8c4v7a6MP6tdNvX_Q1zhlFI0418lmlZS3MMC-FEQ==
<
* Connection #0 to host api.coindesk.com left intact
{"time":{"updated":"Mar 16, 2019 08:51:00 UTC","updatedISO":"2019-03-16T08:51:00+00:00","updateduk":"Mar 16, 2019 at 08:51 GMT"},"disclaimer":"This data was produced from the CoinDesk Bitcoin Price Index (USD). Non-USD currency data converted using hourly conversion rate from openexchangerates.org","chartName":"Bitcoin","bpi":{"USD":{"code":"USD","symbol":"$","rate":"4,027.4183","description":"United States Dollar","rate_float":4027.4183},"GBP":{"code":"GBP","symbol":"£","rate":"3,026.2021","description":"British Pound Sterling","rate_float":3026.2021},"EUR":{"code":"EUR","symbol":"€","rate":"3,553.3912","description":"Euro","rate_float":3553.3912}}}
Gruss,
Christian