curl requests with Vault TLS enabled return "curl: (35) SSL connect error"

Justin LaRose

Jun 10, 2015, 10:08:57 AM
to vault...@googlegroups.com
When issuing a curl request:


 curl -X GET  --header "X-Vault-Token: <mytoken> " https://<hostname>:8200/v1/secret/supersecret/test

It returns:
curl: (35) SSL connect error


Logs have:
2015/06/10 14:04:02 http: TLS handshake error from ipaddress:42381: tls: client offered an unsupported, maximum protocol version of 301
2015/06/10 14:04:02 http: TLS handshake error from ipaddress:42382: tls: client offered an unsupported, maximum protocol version of 300


When I use a tool like the Google Chrome extension Postman, PUTs and GETs work. Any ideas as to what I'm doing wrong?

Armon Dadgar

Jun 10, 2015, 10:40:27 AM
to vault...@googlegroups.com, Justin LaRose
Hey Justin,

The error you are getting is due to the SSL version of the client being too old. Vault
is strict and requires TLS 1.2 to be used, while the client seems to be offering TLS 1.0.
You may need to update OpenSSL / curl to a newer version.

Best Regards,
Armon Dadgar
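
Added example, not part of the original thread or Vault's own code: Go's crypto/tls prints the offered version in hexadecimal, so the 301 and 300 in the logs above are wire values 0x0301 (TLS 1.0) and 0x0300 (SSL 3.0). The sketch decodes such log lines and flags clients below the TLS 1.2 minimum named in the reply; ParseRejection and Rejected are hypothetical names.

```go
package main

import (
	"fmt"
	"regexp"
	"strconv"
)

// Protocol version wire values, which the handshake error prints in hex.
var versionNames = map[uint16]string{
	0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
	0x0303: "TLS 1.2", 0x0304: "TLS 1.3",
}

const minVersion = 0x0303 // TLS 1.2, the minimum stated in the reply

var handshakeRe = regexp.MustCompile(
	`TLS handshake error from (\S+):\d+: tls: client offered an unsupported, maximum protocol version of ([0-9a-fA-F]+)`)

// Rejected describes one refused client hello.
type Rejected struct {
	Client  string // address as logged, without the source port
	Version string // human-readable name of the highest version offered
	TooOld  bool   // true when the offer is below minVersion
}

// ParseRejection decodes one log line; ok is false for unrelated lines.
func ParseRejection(line string) (r Rejected, ok bool) {
	m := handshakeRe.FindStringSubmatch(line)
	if m == nil {
		return r, false
	}
	v, err := strconv.ParseUint(m[2], 16, 16)
	if err != nil {
		return r, false
	}
	name, known := versionNames[uint16(v)]
	if !known {
		name = fmt.Sprintf("unknown (0x%04x)", v)
	}
	return Rejected{Client: m[1], Version: name, TooOld: v < minVersion}, true
}

func main() {
	// One of the log lines quoted in the first post.
	line := "2015/06/10 14:04:02 http: TLS handshake error from ipaddress:42381: tls: client offered an unsupported, maximum protocol version of 301"
	if r, ok := ParseRejection(line); ok {
		fmt.Printf("%s offered at most %s (too old: %v)\n", r.Client, r.Version, r.TooOld)
	}
}
```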

Justin LaRose

Jun 11, 2015, 10:50:49 PM
to vault...@googlegroups.com, justin...@gmail.com
Thanks Armon, I tried from a host with a newer version of curl and OpenSSL and it worked.