英文:
Golang http client handshake failure
问题
尝试获取网页:
tr := &http.Transport{
TLSHandshakeTimeout: 30 * time.Second,
DisableKeepAlives: true,
}
client := &http.Client{Transport: tr}
req, err := http.NewRequest("GET", "https://www.fl.ru/", nil)
if err != nil {
log.Fatalf("%s\n", err);
}
resp, err := client.Do(req);
if err != nil {
log.Fatalf("%s\n", err);
}
defer resp.Body.Close()
获取 https://www.fl.ru/:远程错误:握手失败。
如果我尝试获取另一个 HTTPS 页面 - 一切正常。
英文:
Try get webpage:
tr := &http.Transport{
TLSHandshakeTimeout: 30 * time.Second,
DisableKeepAlives: true,
}
client := &http.Client{Transport: tr}
req, err := http.NewRequest("GET", "https://www.fl.ru/", nil)
if err != nil {
log.Fatalf("%s\n", err);
}
resp, err := client.Do(req);
if err != nil {
log.Fatalf("%s\n", err);
}
defer resp.Body.Close()
Get https://www.fl.ru/: remote error: handshake failure.
If I try to get another HTTPS page - all is OK.
答案1
得分: 7
该服务器只支持一些弱密码:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024位 (p: 128, g: 1, Ys: 128) FS WEAK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024位 (p: 128, g: 1, Ys: 128) FS WEAK
TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK
如果你确实需要连接到该服务器,Go语言支持列表中的最后一个密码,但默认情况下不支持。创建一个带有新的tls.Config的客户端,指定你想要的密码:
t := &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: &tls.Config{
CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA},
},
}
英文:
That server only supports a few, weak ciphers:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK
TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK
If you really must connect to that server, Go does support the last cipher in the list, but not by default. Create a client with a new tls.Config specifying the cipher you want:
t := &http.Transport{
Proxy: http.ProxyFromEnvironment,
Dial: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).Dial,
TLSHandshakeTimeout: 10 * time.Second,
TLSClientConfig: &tls.Config{
CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA},
},
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论