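One of my Alibaba Cloud ECS instances is misbehaving; the others are fine, and my local machine is fine.
The misbehaving one sometimes works and sometimes returns curl 52. I tried reinstalling openssl and curl, but it didn't help.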
curl -v "https://xx.xx.xx.xx"
* Trying xx.xx.x.x:443...
* Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: none
* CApath: none
* loaded libnssckbi.so
* ALPN: server did not agree on a protocol. Uses default.
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=xx.xx.xx.xx
* start date: Apr 01 00:00:00 2022 GMT
* expire date: Apr 01 23:59:59 2023 GMT
* common name: xx.xx.xx.xx
* issuer: CN=Encryption Everywhere DV TLS CA - G1,OU=www.digicert.com,O=DigiCert Inc,C=US
> GET /ggfwzc/auth/gateway.do HTTP/1.1
> Host: xx.xx.xx.xx
> User-Agent: curl/7.85.0
> Accept: */*
>
* Empty reply from server
* Closing connection 0
curl: (52) Empty reply from server
With a separately installed curl:
* Trying xx.xx.xx.xx:443...
* Connected to xx.xx.xx.xx (xx.xx.xx.xx) port 443 (#0)
* ALPN: offers http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
* CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: CN=xx.xx.xx.xx
* start date: Apr 1 00:00:00 2022 GMT
* expire date: Apr 1 23:59:59 2023 GMT
* subjectAltName: host "xx.xx.xx.xx" matched cert's "xx.xx.xx.xx"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=Encryption Everywhere DV TLS CA - G1
* SSL certificate verify ok.
> GET /ggfwzc/auth/gateway.do HTTP/1.1
> Host: xx.xx.xx.xx
> User-Agent: curl/7.85.0
> Accept: */*
>
* TLSv1.2 (IN), TLS alert, close notify (256):
* Empty reply from server
* Closing connection 0
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (52) Empty reply from server
1
libook 2022-09-07 10:41:52 +08:00
Submit a ticket to Alibaba Cloud, give them evidence that is as detailed as possible, and have them investigate and resolve it.
2
kestrelBright OP @libook Alibaba Cloud says the other side has blocked the IP or put some other restriction in place, and suggests buying the xxx service.
3
libook 2022-09-07 10:48:47 +08:00
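Have them solve it. If the IP is blocked, have them help you change the IP. Just keep after them; if they can't give you a satisfactory solution, keep filing tickets. You can also send them evidence that the other servers work normally, to make your case more convincing.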
4
kestrelBright OP @libook OK. Before this I was just using the live chat. Right after I submitted it, it started working again.
5
eason1874 2022-09-07 11:17:45 +08:00
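Is the server you are requesting your own? Have a look at the logs? It may really be an Empty reply from server.
Nginx has a 444 status code whose action is to drop the connection without returning anything. If it is used in scenarios such as concurrency rejection, rate limiting, or temporary blacklisting, then the rejected requests look exactly like this.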
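Added example, not part of any reply in this thread: a local reproduction of the behaviour described above, where a server answers normally until a per-IP budget is used up and then closes the connection without sending anything, which is what a client sees from nginx 444. The function names, the budget of 3 and the toy server are assumptions made for the demo; `probe` maps each outcome to the curl exit code it corresponds to.

```python
import http.client
import socket
import threading
from collections import Counter

def serve(listener, total, budget):
    """Toy server (constructed for this demo): answers 200 until a client IP
    exceeds `budget`, then closes without sending a byte, like nginx 444."""
    seen = Counter()
    for _ in range(total):
        conn, (ip, _port) = listener.accept()
        with conn:
            conn.recv(65536)                  # consume the request
            seen[ip] += 1
            if seen[ip] <= budget:
                conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n"
                             b"Connection: close\r\n\r\nok")
            # over budget: leave the block, closing with zero bytes sent

def probe(host, port, path="/"):
    """Send one GET and classify the outcome, with curl's exit code noted."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        return f"http_{conn.getresponse().status}"
    except http.client.RemoteDisconnected:
        return "empty_reply"                  # curl: (52)
    except ConnectionRefusedError:
        return "refused"                      # curl: (7)
    except socket.timeout:
        return "timeout"                      # curl: (28)
    finally:
        conn.close()

def run_demo(total=5, budget=3):
    """Probe a local throttling server `total` times from one source IP."""
    listener = socket.create_server(("127.0.0.1", 0))
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve, args=(listener, total, budget))
    worker.start()
    results = [probe("127.0.0.1", port) for _ in range(total)]
    worker.join()
    listener.close()
    return results

if __name__ == "__main__":
    print(run_demo())
```
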
6
kestrelBright OP @eason1874 No, it belongs to another company. It isn't empty; when I test locally right afterwards, I get a response.
7
eason1874 2022-09-07 16:35:34 +08:00
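@kestrelBright But your local machine and the server aren't on the same IP, are they? What I mean is that your server's IP has been flagged by risk control and some requests are being rejected, and the rejection method is nginx 444, which sends no response content at all.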
8
kestrelBright OP @eason1874 It works for a few hours each day. Alibaba Cloud looked into it for a day and still says to buy an elastic IP.
9
eason1874 2022-09-10 11:34:35 +08:00
@kestrelBright Most likely it is risk control: they limit the number of requests per IP per day, and once you exceed it you get 444.
10
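kestrelBright OP @eason1874 Emmm, I found a way to get onto a machine in the other side's data center. It turns out that some of the machines on their internal network also hang when they curl this address.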