curl error 35 : failed to receive handshake, SSL/TLS connection failed

Question

When I try to execute this curl command :

curl -v --key some_key_file.key --cert certificate_file.pem --show-error --header "Content-Type: application/json;charset=UTF-8" https://some-api/service

I get the following error : curl: (35) schannel: failed to receive handshake, SSL/TLS connection failed

And the full execution log :

I have searched this error online and haven't found anyone explaining what it really meant.

• Do you have any idea what the source cause could be ?
• And do you know if there is a way to get more information about the error ?

Answer 1

Turns out the problem was with my curl version which, for some reason didn't accept the arguments --cert and --key.

To solve the problem, I installed a completely new curl version and ran it from the instllation folder and it worked.

Answer 2

This error happens when you are behind a 7 layer firewall (i.e Palo Alto) that Allow SSL connections only via application, so you have to configure 2 rules in such solution.

1. Allow 443 or whatever port with higher priority
2. Allow Application SSL with lower priority

Answer 3

I also try installing latest curl (given below) but it didn't solve my issue.

curl 7.77.0 (x86_64-pc-win32) libcurl/7.77.0 OpenSSL/1.1.1k (Schannel) zlib/1.2.11 brotli/1.0.9 zstd/1.5.0 libidn2/2.3.1 libssh2/1.9.0 nghttp2/1.43.0 libgsasl/1.10.0 Release-Date: 2021-05-26 Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli gsasl HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz MultiSSL NTLM SPNEGO SSL SSPI TLS-SRP Unicode UnixSockets zstd

Answer 4

Run the command from the path where you have curl package. if you place in c:\curl goto this path and run the curl command it will work.