doog1092 2015-09-11 12:26
浏览 130
已采纳

Golang HTTP客户端握手失败

Try get webpage:

    tr := &http.Transport{
        TLSHandshakeTimeout: 30 * time.Second,
        DisableKeepAlives: true,
    }

    client := &http.Client{Transport: tr}

    req, err := http.NewRequest("GET", "https://www.fl.ru/", nil)
    if err != nil {
        log.Fatalf("%s
", err);
    }

    resp, err := client.Do(req);
    if err != nil {
        log.Fatalf("%s
", err);
    }
    defer resp.Body.Close()

Get https://www.fl.ru/: remote error: handshake failure.

If I try to get another HTTPS page - all is OK.

  • 写回答

1条回答 默认 最新

  • 普通网友 2015-09-11 13:08
    关注

    That server only supports a few, weak ciphers:

    TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39)   DH 1024 bits (p: 128, g: 1, Ys: 128)   FS   WEAK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33)   DH 1024 bits (p: 128, g: 1, Ys: 128)   FS   WEAK
TLS_RSA_WITH_RC4_128_SHA (0x5)   WEAK

    If you really must connect to that server, Go does support the last cipher in the list, but not by default. Create a client with a new tls.Config specifying the cipher you want:

    t := &http.Transport{
    Proxy: http.ProxyFromEnvironment,
    Dial: (&net.Dialer{
        Timeout:   30 * time.Second,
        KeepAlive: 30 * time.Second,
    }).Dial,
    TLSHandshakeTimeout: 10 * time.Second,
    TLSClientConfig: &tls.Config{
        CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA},
    },
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?