ssl - OpenSSL SSL_connect:SSL_ERROR_SYSCALL 连接到 www.google.com:443
问题描述
我可以访问除www.google.com之外的其他网站,如 Youtube、account.google.com 等。当我尝试在 chromium 浏览器中访问www.google.comwww.google.com unexpectedly closed the connection.
时,它会返回和ERR_CONNECTION_CLOSED
.
然后我尝试了卷曲。
$ curl -x http://127.0.0.1:1080 -v https://www.google.com
* Trying 127.0.0.1:1080...
* Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to www.google.com:443
> CONNECT www.google.com:443 HTTP/1.1
> Host: www.google.com:443
> User-Agent: curl/7.75.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443
我在互联网上找不到类似的问题,现在我完全不知所措。为什么会发生这种情况,以及如何解决?
(我对SSL之类的东西不太熟悉,所以很抱歉我可能无法提供足够的信息。感谢您回答问题)
编辑:为了比较:
$ curl -x http://127.0.0.1:1080 -v https://www.youtube.com
* Trying 127.0.0.1:1080...
* Connected to 127.0.0.1 (127.0.0.1) port 1080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to www.youtube.com:443
> CONNECT www.youtube.com:443 HTTP/1.1
> Host: www.youtube.com:443
> User-Agent: curl/7.75.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: none
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CONNECT phase completed!
* CONNECT phase completed!
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: C=US; ST=California; L=Mountain View; O=Google LLC; CN=*.google.com
* start date: Jan 19 07:57:09 2021 GMT
* expire date: Apr 13 07:57:08 2021 GMT
* subjectAltName: host "www.youtube.com" matched cert's "*.youtube.com"
* issuer: C=US; O=Google Trust Services; CN=GTS CA 1O1
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x56071ebe5910)
> GET / HTTP/2
> Host: www.youtube.com
> user-agent: curl/7.75.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 200
< content-type: text/html; charset=utf-8
< x-content-type-options: nosniff
< cache-control: no-cache, no-store, max-age=0, must-revalidate
...(Normal site data)
解决方案
您应该查找“https://github.com/ShadowsocksR-Live/shadowsocksr-native#sample-configure-file”,config.json 演示可能会帮助您解决这个问题。
推荐阅读
- sql-server - 无法创建大于允许的最大行大小 8060 的大小为 8084 的行
- java - 如何在 Apache Poi 中使用公式保存 excel?
- javascript - JS - 有没有办法在不丢失默认功能的情况下将 CSS 样式添加到 JSON 控制台日志消息?
- asp.net - IApplicationBuilder.UseBasePath 奇怪的行为?
- python - 在 python3 中导入超出顶级包失败
- java - 我收到一些关于 java 中无法访问的代码的错误,如何修复它。我用日食霓虹灯
- bash - fswatch 和 ffmpeg 中的输出文件扩展名
- qt - qInstallMessageHandler() 不返回文件行、文件名、函数名
- c# - 是否可以从 C# 链表中提取子列表?
- security - 获取托管在 IP 地址上的所有域