“未知SSL协议错误”是什么意思？

Question

Here's my problem: I'm using a trading bot to interact with an online exchange. The bot is actually a script in PHP that has an infinite loop. In each iteration it uses cURL requests to send/receive some data to/from server. Sometimes (not really often) I get error 443 (Unknown SSL protocol). It makes me think that the source of the problem is remote server rather than my requests.

I'm not an expert in security so I would welcome general answer or link to get a bit deeper.

Answer 1

That usually means the remote server did not provide a SSL/TLS response. Rather, the remove server sent a web page in response to the ClientHello and the local client tried to interpret the HTML as a ServerHello .

You can simulate it with openssl s_client -connect www.google.com:80 . In this example, port 80 will clearly get you a web page rather than a ServerHello . The line of interest is the one that begins with read from ... .

$ openssl s_client -connect www.google.com:80 -debug
CONNECTED(00000003)

write to 0x7fe933c22a70 [0x7fe934013600] (308 bytes => 308 (0x134))
0000 - 16 03 01 01 2f 01 00 01-2b 03 03 2e 0b 3b 5f 7a   ..../...+....;_z
...
0120 - 02 04 03 03 01 03 02 03-03 02 01 02 02 02 03 00   ................
0130 - 0f 00 01 01                                       ....

read from 0x7fe933c22a70 [0x7fe934018c00] (7 bytes => 7 (0x7))
0000 - 48 54 54 50 2f 31 2e                              HTTP/1.
140735324471772:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:787

---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 308 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---