curl succeeds on an https request, wget does not

Resorath asked:

When I run curl from the command line

curl "https://example.com"

It succeeds immediately, returning the result of the request.

When I run the same wget command

wget https://example.com

It eventually times out with “Unable to establish SSL connection.” without any specific error message. It connects, but can’t do the SSL handshake. I tried with --no-check-certificate but that made no difference – it appears to be timeout related.

However:

wget http://example.com

works fine (HTTP vs HTTPS).

This is also affecting the PHP’s “file() method call.

My question is, what would cause curl to succeed in retrieving a page (for all sites in our domain) but not wget or the php interpreter? This is a new issue over the weekend, the server was fine before.

(Operating system is Red Hat Enterprise Linux 6.4)

My answer:


On Red Hat Enterprise Linux 6.x and prior major versions, wget does not support Server Name Indication, which is required to correctly access a growing number of TLS/SSL secured web sites, quite possibly including yours. On the other hand, curl in RHEL 6 does support SNI.

Red Hat is aware of this issue and released a fix in RHEL 6.6. The issue is also fixed in RHEL 7.0.


View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.