<p>I got some problems with doing http requests to a Https website.
Most of the times I get a handshake failure. I think this is a problem that the standard TLS cipher isn't supported by the target website.</p>
<p>Soooo I found a way to check what ciphers the target website supports with "nmap". Then I manually set a cipher and it works.</p>
<p>My question is: Isn't there a way to automatically let Go set the supported cipher to make the request?</p>
<p>In Node.JS I have no problems to create a request. I don't have to set extra stuff.</p>
<hr/>**评论:**<br/><br/>nhooyr: <pre><p>post your code.</p></pre>taushif: <pre><p>oops I accidentally placed a comment instead of a reply.</p></pre>taushif: <pre><p>a simple:</p>
<pre><code>uri := "https://example.com"
hc := &http.Client{} // transport with skipverify doesn't work either
req, err = http.NewRequest(method, uri, strings.NewReader(form.Encode()))
response, err := hc.Do(req)
// handshake error
contents, err := ioutil.ReadAll(response.Body)
</code></pre>
<p>It works if I do this:</p>
<pre><code> mTLSConfig := &tls.Config{
CipherSuites: []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
},
}
mTLSConfig.PreferServerCipherSuites = true
mTLSConfig.MinVersion = tls.VersionTLS10
mTLSConfig.MaxVersion = tls.VersionTLS10
tr := &http.Transport{
TLSClientConfig: mTLSConfig,
}
hc := &http.Client{Transport: tr}
</code></pre>
<p>So basically I checked what cipher the website supports and put that cipher manually in the transport. </p></pre>njpatel: <pre><p>I ran your example on my machine (ubuntu 14.04) and had no problems, could it be an issue with your system?</p>
<p>Here's a screenshot of the output: <a href="http://i.imgur.com/a3aJhDM.png" rel="nofollow">http://i.imgur.com/a3aJhDM.png</a></p>
<p>Edit: This is go 1.5.1 linux/amd64</p></pre>taushif: <pre><p>Some websites work because they use standard ciphers.
But I had a problem with "<a href="https://api.copernica.com" rel="nofollow">https://api.copernica.com</a>" and mailgun also gives problems.</p></pre>njpatel: <pre><blockquote>
<p><a href="https://api.copernica.com" rel="nofollow">https://api.copernica.com</a></p>
</blockquote>
<p>Fwiw, both those work for me as well.</p></pre>nhooyr: <pre><p>By default go uses all ciphers so I am not really sure what is wrong, try reinstalling go.</p></pre>
这是一个分享于 的资源,其中的信息可能已经有所发展或是发生改变。
入群交流(和以上内容无关):加入Go大咖交流群,或添加微信:liuxiaoyan-s 备注:入群;或加QQ群:692541889
- 请尽量让自己的回复能够对别人有帮助
- 支持 Markdown 格式, **粗体**、~~删除线~~、
`单行代码`
- 支持 @ 本站用户;支持表情(输入 : 提示),见 Emoji cheat sheet
- 图片支持拖拽、截图粘贴等方式上传