Openssl and python urllib.request.urlopen fails, how to fix it?


#1

I run https://www.dapp.com behind cloudflare and my local nginx, it works fine in browser.
However, when I use openssl s_client -connect www.dapp.com:443, it shows:
CONNECTED(00000003)
140682642245272:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:

no peer certificate available

No client certificate CA names sent

SSL handshake has read 7 bytes and written 305 bytes

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1543940761
Timeout : 300 (sec)
Verify return code: 0 (ok)

and when I use urllib.request.urlopen("https://www.dapp.com"), it shows:

urllib.error.URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1045)>
['HTTPError: HTTP Error 403: Forbidden', '  File "python3.7/code.py", line 90, in runcode', '  File "<console>", line 1, in <module>', '  File "urllib/request.py", line 222, in urlopen', '  File "urllib/request.py", line 531, in open', '  File "urllib/request.py", line 641, in http_response', '  File "urllib/request.py", line 569, in error', '  File "urllib/request.py", line 503, in _call_chain', '  File "urllib/request.py", line 649, in http_error_default']

I don’t know how to fix it.


#2

Sounds like you need to update your openssl client.