docker run --rm -it busybox:stable wget https://dtdg.co/latest-java-tracer Connecting to dtdg.co (67.199.248.13:443) wget: note: TLS certificate validation not implemented wget: TLS error from peer (alert code 40): handshake failure wget: error getting response: Connection reset by peer...
CApath: none*TLSv1.2 (OUT), TLS header, Certificate Status (22):*TLSv1.2 (OUT), TLS handshake, Client hello (1):*OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.google.com:443*Closing connection 0 curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to www.go...
busybox wget as included in the busybox base image doesn't verify TLS certificate: $ docker run -ti --rm busybox wget -q https://expired.badssl.com && echo $? wget: note: TLS certificate validation not implemented 0 While it prints an wa...
choosinglocalfile names (EXPERIMENTAL) --content-on-error output the received content on server errors --auth-no-challenge send Basic HTTP authentication information without first waitingforthe server's challenge HTTPS (SSL/TLS) options: --secure-protocol=PR choose secure protocol, one of auto, SS...
比如企业防火墙,在从客户端发送的ClientHello中找出目标后,阻止到目标的流量作为TLS握手的开始。
When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key(s) provided to this option, wget will abort the connection before sending or receiving any data. ...
Implicit FTPS consists of initializing SSL/TLS from the very beginning of the control connection. This option does not send an "AUTH TLS" command: it assumes the server speaks FTPS and directly starts an SSL/TLS connection. If the attempt is successful, the session continues just like regular...
Implicit FTPS consists of initializing SSL/TLS from the very beginning of the control connection. This option does not send an "AUTH TLS" command: it assumes the server speaks FTPS and directly starts an SSL/TLS connection. If the attempt is successful, the session continues just like regular...
peer against --random-file=FILE file with random data for seeding the SSL PRNG --ciphers=STR Set the priority string (GnuTLS) or cipher list string (OpenSSL) directly. Use with care. This option overrides --secure-protocol. The format and syntax of this string depend on the specific SSL...
-k: 忽略TLS/SSL认证 参考文献 [网络/HTTPS/Java] PKI公钥基础设施体系:数字证书(X.509)、CA机构 | 含:证书管理工具(jdk keytool / openssl) - 博客园/千千寰宇【推荐】 PKIX path building failed ? curl: (52) Empty reply from server - 掘金【推荐】 ...