Obrazek nie wczytuje się po https, ale pod wirtualną maszyną (na tym samym pc) już się wczytuje

KoloKarolo · 18 Sierpień 2016 21:16

Hej, mam trochę dziwny problem, istnieje taki obrazek https://edge.sf.hitbox.tv/static/img/channel/masta_55270735d51ac_large.jpg

I nie wczytuje on mi się na moim systemie, ale jak uruchomię pod tym samym systemem wirtualną maszynę, to na niej w przeglądarkach ten obraz się wyświetla.

Pewnie coś się rypie z certyfikatami, jakiś pomysł jak do diagnozować?

Piesek64 · 18 Sierpień 2016 21:52

Jak otwierasz go w przeglądarce jaki jest błąd?

KoloKarolo · 18 Sierpień 2016 21:54

Ta witryna jest nieosiągalna

Połączenie zostało zresetowane.

ERR_CONNECTION_RESET

roobal · 21 Sierpień 2016 20:25

Data i godzina poprawna?

KoloKarolo · 21 Sierpień 2016 20:33

Tak

Jak próbuje pobrać dane curlem to dostaję takie cuś:

C:\Users\Koka>curl -v https://edge.sf.hitbox.tv/static/img/channel/masta_55270735d51ac_large.jpg

* Hostname was NOT found in DNS cache

* Trying 178.162.206.70...

* Connected to edge.sf.hitbox.tv (178.162.206.70) port 443 (#0)

* successfully set certificate verify locations:

* CAfile: c:\program files\curl\bin\curl-ca-bundle.crt

  CApath: none

* SSLv3, TLS handshake, Client hello (1):

* SSLv3, TLS handshake, Server hello (2):

* SSLv3, TLS handshake, CERT (11):

* SSLv3, TLS handshake, Server key exchange (12):

* SSLv3, TLS handshake, Server finished (14):

* SSLv3, TLS handshake, Client key exchange (16):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSLv3, TLS change cipher, Client hello (1):

* SSLv3, TLS handshake, Finished (20):

* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384

* Server certificate:

* subject: C=AT; ST=Wien; L=Wien; O=hitbox Entertainment GmbH; CN=*.sf.hitbox.tv

* start date: 2016-04-04 09:19:20 GMT

* expire date: 2019-04-04 09:19:20 GMT

* subjectAltName: edge.sf.hitbox.tv matched

* issuer: C=IL; O=StartCom Ltd.; OU=StartCom Certification Authority; CN=StartCom Class 3 OV Server CA

* SSL certificate verify ok.

> GET /static/img/channel/masta_55270735d51ac_large.jpg HTTP/1.1

> User-Agent: curl/7.37.0

> Host: edge.sf.hitbox.tv

> Accept: */*

>

* SSL read: error:00000000:lib(0):func(0):reason(0), errno 10054

* Closing connection 0

curl: (56) SSL read: error:00000000:lib(0):func(0):reason(0), errno 10054

Piesek64 · 22 Sierpień 2016 11:46

"10054 is not connection refused, but connection reset by peer. This means, that a TCP connection was successfully established (s_client indicates CONNECTED) but when sending more data from the client to the server the server closed the connection without reading all the data (and send TCP RST back).

While this could be a firewall issue it could also indicate a problem at the server configuration, that is the server accepts the client but then cannot continue because of an invalid configuration. Such invalid configurations might be a missing permissions for the requested data, certificate without usable private key or others. I would suggest that you have a look at the server logs for more information.

I’ve also seen TCP RST with servers, load balancers or firewalls which do not understand current TLS versions and simply close the connection. Browsers work around this issue by transparently retrying with a lower TLS version. You might try if openssl s_client -ssl3 works against this server and you receive a certificate."