I'm having an issue with getting response from ELB using openssl package.
Curl works well:
$ curl -iv
* TCP_NODELAY set
* Connected to example.com (*.*.*.*) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none
* ALPN/NPN, server did not agree to a protocol
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> GET /isActive HTTP/1.1
> Host: example.com
> User-Agent: curl/7.53.1
> Accept: */*
>
< HTTP/1.1 200
HTTP/1.1 200
< Access-Control-Allow-Headers: origin, content-getMessageType, accept, x-requested-with
Access-Control-Allow-Headers: origin, content-getMessageType, accept, x-requested-with
< Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
< Access-Control-Allow-Origin:
Access-Control-Allow-Origin:
< Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
< Date: Thu, 25 Oct 2018 12:48:26 GMT
Date: Thu, 25 Oct 2018 12:48:26 GMT
< Content-Length: 6
Content-Length: 6
< Connection: keep-alive
Connection: keep-alive
<
* Connection #0 to host example.com left intact
ACTIVEBut when I'm using openssl package and trying to type in any HTTP Method i'm getting timeout error:
$ openssl s_client -connect example.com:443
CONNECTED(00000003)
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 3205 bytes and written 415 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 0CED79628CFCF32462EEF5086AD38 Session-ID-ctx: Master-Key: 2ADB0E064422DFBAAAF704B17A1D3 Key-Arg : None Krb5 Principal: None PSK identity: None PSK identity hint: None Start Time: 1540472141 Timeout : 300 (sec) Verify return code: 0 (ok)
GET /isActive
HTTP/1.1 408 REQUEST_TIMEOUT
Content-Length:0
Connection: Close
closedWhat could cause this issue? I also tried to pass keep-alive header but still no luck. Thanks!
41 Answer
Need to pass -crlf to the command:
openssl s_client -crlf -connect example.com:443