Details
-
Bug
-
Status: Resolved
-
Not specified
-
Resolution: Fixed
-
8.4.2
-
None
-
None
-
Test env: 8.4.x branch in a bare metal environment
Description
Sample ECL executed against hthor:
URL := 'https://v2.jokeapi.dev/joke/Misc,Programming?format=xml&safe-mode&type=single'; raw := HTTPCALL(URL, 'GET', 'text/xml', {STRING joke {XPATH('joke')}}, XPATH('data')); OUTPUT(raw);
Produces this error in the workunit:
System error: -1: <Error><text>SSL_connect failed: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure</text><url>https://v2.jokeapi.dev:443/joke/Misc,Programming?format=xml&safe-mode&type=single</url></Error> (in HTTP dataset G1 E2)
Verbose curl output from same URL:
$ curl -v 'https://v2.jokeapi.dev/joke/Misc,Programming?format=xml&safe-mode&type=single' * Trying 172.64.129.37:443... * Connected to v2.jokeapi.dev (172.64.129.37) port 443 (#0) * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: /opt/local/share/curl/curl-ca-bundle.crt * CApath: none * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8): * TLSv1.3 (IN), TLS handshake, Certificate (11): * TLSv1.3 (IN), TLS handshake, CERT verify (15): * TLSv1.3 (IN), TLS handshake, Finished (20): * TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.3 (OUT), TLS handshake, Finished (20): * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use http/1.1 * Server certificate: * subject: C=US; ST=California; L=San Francisco; O=Cloudflare, Inc.; CN=sni.cloudflaressl.com * start date: Jul 12 00:00:00 2021 GMT * expire date: Jul 11 23:59:59 2022 GMT * subjectAltName: host "v2.jokeapi.dev" matched cert's "*.jokeapi.dev" * issuer: C=US; O=Cloudflare, Inc.; CN=Cloudflare Inc ECC CA-3 * SSL certificate verify ok. > GET /joke/Misc,Programming?format=xml&safe-mode&type=single HTTP/1.1 > Host: v2.jokeapi.dev > User-Agent: curl/7.78.0 > Accept: */* > * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * TLSv1.3 (IN), TLS handshake, Newsession Ticket (4): * old SSL session ID is stale, removing * Mark bundle as not supporting multiuse < HTTP/1.1 200 OK < Date: Fri, 15 Oct 2021 00:13:02 GMT < Content-Type: application/xml; charset=UTF-8 < Content-Length: 460 < Connection: keep-alive < CF-Ray: 69e4d6dbc85a21eb-MIA < Access-Control-Allow-Origin: * < Allow: GET, POST, HEAD, OPTIONS, PUT < Cache-Control: no-cache, no-store, must-revalidate, no-transform < Expires: 0 < Retry-After: 51 < CF-Cache-Status: DYNAMIC < access-control-allow-headers: * < access-control-allow-methods: GET, POST, HEAD, OPTIONS, PUT < access-control-request-method: GET < api-info: JokeAPI v2.3.1 (https://v2.jokeapi.dev) < Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" < pragma: no-cache < ratelimit-limit: 100 < ratelimit-remaining: 98 < ratelimit-reset: Fri Oct 15 2021 02:13:53 GMT+0200 (Central European Summer Time) < Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0akIH4bVcnLrdXKPeKZlO54y77Mmslc1Azvdh1VJtfULVJnoexUTX19huipOH4ZZ%2B9zOOmmyrwEE6IaRLm3fOMCX3HcoarV45TNaADDu2e41GgywJeWh1rtKgbrDXpSwIQ%3D%3D"}],"group":"cf-nel","max_age":604800} < NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} < Server: cloudflare < alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 < <?xml version='1.0'?> <data> <error>false</error> <category>Programming</category> <type>single</type> <joke>ASCII silly question, get a silly ANSI.</joke> <flags> <nsfw>false</nsfw> <religious>false</religious> <political>false</political> <racist>false</racist> <sexist>false</sexist> <explicit>false</explicit> </flags> <id>25</id> <safe>true</safe> <lang>en</lang> * Connection #0 to host v2.jokeapi.dev left intact </data>
Other https URLs had no issues.
