HTTPS uses TLS (SSL) to encrypt normal HTTP requests and responses. Use HTTP instead:
~ $ cd Downloads Downloads $ /usr/bin/curl -vO http://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 62.141.177.111... * TCP_NODELAY set * Connected to wias-berlin.de (62.141.177.111) port 80 (#0) > GET /software/tetgen/1.5/src/tetgen1.5.1.tar.gz HTTP/1.1 > Host: wias-berlin.de > User-Agent: curl/7.64.1 > Accept: */* > < HTTP/1.1 301 Moved Permanently < Date: Tue, 19 Jul 2022 09:37:56 GMT < Server: Apache < Location: https://wias-berlin.de/software/tetgen/1.5/src/tetgen1.5.1.tar.gz < Content-Length: 273 < Content-Type: text/html; charset=iso-8859-1 < { [273 bytes data] 100 273 100 273 0 0 291 0 --:--:-- --:--:-- --:--:-- 291 * Connection #0 to host wias-berlin.de left intact * Closing connection 0 Mark Brethen mark.bret...@gmail.com > On Jul 18, 2022, at 11:56 AM, Mark Brethen <mark.bret...@gmail.com> wrote: > > It’s more likely that curl 7.64.1 succeeds to connect while openssl 2.8.3 > fails with alert number 40 (see below). It might be related to the server > which has several virtual hosts. openssl 3.0.5 (mp) seems to handle it fine > compared to openssl 2.8.3. > > Downloads $ openssl version > OpenSSL 3.0.5 5 Jul 2022 (Library: OpenSSL 3.0.5 5 Jul 2022) > > Downloads $ openssl s_client -connect wias-berlin.de:443 > <http://wias-berlin.de:443/> -servername wias-berlin.de > <http://wias-berlin.de/> > CONNECTED(00000005) > depth=3 C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust > Center, CN = T-TeleSec GlobalRoot Class 2 > verify return:1 > depth=2 C = DE, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. > V., OU = DFN-PKI, CN = DFN-Verein Certification Authority 2 > verify return:1 > depth=1 C = DE, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. > V., OU = DFN-PKI, CN = DFN-Verein Global Issuing CA > verify return:1 > depth=0 C = DE, ST = Berlin, L = Berlin, O = Forschungsverbund Berlin e.V., > OU = Weierstrass-Institut f. Angewandte Analysis u. Stochastik (WIAS), OU = > RT, CN = www.wias-berlin.de <http://www.wias-berlin.de/> > verify return:1 > > Downloads $ /usr/bin/openssl version > LibreSSL 2.8.3 > > Downloads $ /usr/bin/openssl s_client -connect wias-berlin.de:443 > <http://wias-berlin.de:443/> -servername wias-berlin.de > <http://wias-berlin.de/> > CONNECTED(00000005) > depth=3 C = DE, O = T-Systems Enterprise Services GmbH, OU = T-Systems Trust > Center, CN = T-TeleSec GlobalRoot Class 2 > verify return:1 > depth=2 C = DE, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. > V., OU = DFN-PKI, CN = DFN-Verein Certification Authority 2 > verify return:1 > depth=1 C = DE, O = Verein zur Foerderung eines Deutschen Forschungsnetzes e. > V., OU = DFN-PKI, CN = DFN-Verein Global Issuing CA > verify return:1 > depth=0 C = DE, ST = Berlin, L = Berlin, O = Forschungsverbund Berlin e.V., > OU = Weierstrass-Institut f. Angewandte Analysis u. Stochastik (WIAS), OU = > RT, CN = www.wias-berlin.de <http://www.wias-berlin.de/> > verify return:1 > 4381900460:error:14008410:SSL routines:CONNECT_CR_KEY_EXCH:sslv3 alert > handshake > failure:/System/Volumes/Data/SWE/macOS/BuildRoots/880a0f6e74/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.4/libressl-2.8/ssl/ssl_pkt.c:1200:SSL > alert number 40 > 4381900460:error:140080E5:SSL routines:CONNECT_CR_KEY_EXCH:ssl handshake > failure:/System/Volumes/Data/SWE/macOS/BuildRoots/880a0f6e74/Library/Caches/com.apple.xbs/Sources/libressl/libressl-56.60.4/libressl-2.8/ssl/ssl_pkt.c:585: > --- > > > > Mark > > > >> On Jul 18, 2022, at 8:11 AM, Mark Brethen <mark.bret...@gmail.com >> <mailto:mark.bret...@gmail.com>> wrote: >> >> wias-berlin.de <http://wias-berlin.de/>
