I'm having an issue with getting response from ELB using openssl package.
Curl works well:
$ curl -iv * TCP_NODELAY set * Connected to example.com (*.*.*.*) port 443 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none * ALPN/NPN, server did not agree to a protocol * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > GET /isActive HTTP/1.1 > Host: example.com > User-Agent: curl/7.53.1 > Accept: */* > < HTTP/1.1 200 HTTP/1.1 200 < Access-Control-Allow-Headers: origin, content-getMessageType, accept, x-requested-with Access-Control-Allow-Headers: origin, content-getMessageType, accept, x-requested-with < Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS < Access-Control-Allow-Origin: Access-Control-Allow-Origin: < Cache-Control: no-cache,no-store,max-age=0 Cache-Control: no-cache,no-store,max-age=0 < Date: Thu, 25 Oct 2018 12:48:26 GMT Date: Thu, 25 Oct 2018 12:48:26 GMT < Content-Length: 6 Content-Length: 6 < Connection: keep-alive Connection: keep-alive < * Connection #0 to host example.com left intact ACTIVEBut when I'm using openssl package and trying to type in any HTTP Method i'm getting timeout error:
$ openssl s_client -connect example.com:443 CONNECTED(00000003) No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 3205 bytes and written 415 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 0CED79628CFCF32462EEF5086AD38 Session-ID-ctx: Master-Key: 2ADB0E064422DFBAAAF704B17A1D3 Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None Start Time: 1540472141 Timeout : 300 (sec) Verify return code: 0 (ok) GET /isActive HTTP/1.1 408 REQUEST_TIMEOUT Content-Length:0 Connection: Close closedWhat could cause this issue? I also tried to pass keep-alive header but still no luck. Thanks!
41 Answer
Need to pass -crlf to the command:
openssl s_client -crlf -connect example.com:443