Заставляем curl использовать протокол HTTPS.
Определим используемый протокол по умолчанию, если он не указан.
🖧 Как установить тайм-аут в команде cURL
Как использовать протокол HTTPS по умолчанию.
curl --silent --verbose --proto-default https --output /dev/null www.google.com* Trying 172.217.20.164:443...* Connected to www.google.com (172.217.20.164) port 443 (#0)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crt* CApath: /etc/ssl/certs} [5 bytes data]* TLSv1.3 (OUT), TLS handshake, Client hello (1):} [512 bytes data]* TLSv1.3 (IN), TLS handshake, Server hello (2):{ [122 bytes data]* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):{ [15 bytes data]* TLSv1.3 (IN), TLS handshake, Certificate (11):{ [4002 bytes data]* TLSv1.3 (IN), TLS handshake, CERT verify (15):{ [78 bytes data]* TLSv1.3 (IN), TLS handshake, Finished (20):{ [52 bytes data]* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):} [1 bytes data]* TLSv1.3 (OUT), TLS handshake, Finished (20):} [52 bytes data]
Обратите внимание, что эта опция не будет иметь смысла, если указан протокол.
curl --silent --verbose --proto-default https --output /dev/null http://www.google.com* Trying 172.217.20.164:80...* Connected to www.google.com (172.217.20.164) port 80 (#0)> GET / HTTP/1.1> Host: www.google.com> User-Agent: curl/7.74.0> Accept: */*>* Mark bundle as not supporting multiuse< HTTP/1.1 200 OK< Date: Sun, 03 Apr 2022 14:13:35 GMT< Expires: -1< Cache-Control: private, max-age=0< Content-Type: text/html; charset=ISO-8859-1< P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."< Server: gws< X-XSS-Protection: 0< X-Frame-Options: SAMEORIGIN< Set-Cookie: AEC=AVQQ_LB3ZtfdU4cku43U7Qdo_c-ZwIuO45QgAWklIJhrePMbwGxssu7n8A; expires=Fri, 30-Sep-2022 14:13:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax< Set-Cookie: NID=511=nOfnqUz31txzRl-4e2lRB0PRVFywR16dmxdDhym-xJo1Dgiau5z2b1WfeC9ZiC8YBg2C6GhTjm8gEEu30VrYLaMURv6hV0e5jxI4kJaGweWtEhkz1Si4RN6ae0VHusVWMdMgF_U1EAMVJdUAfK3mpIIZX4oqTV4uoKAbdo3KZtY; expires=Mon, 03-Oct-2022 14:13:35 GMT; path=/; domain=.google.com; HttpOnly< Accept-Ranges: none< Vary: Accept-Encoding< Transfer-Encoding: chunked<{ [6292 bytes data]* Connection #0 to host www.google.com left intact
Обратите внимание, что эта опция не будет иметь смысла, если указан протокол.
curl --silent --verbose --proto-default https --output /dev/null http://www.google.com* Trying 172.217.20.164:80...* Connected to www.google.com (172.217.20.164) port 80 (#0)> GET / HTTP/1.1> Host: www.google.com> User-Agent: curl/7.74.0> Accept: */*>* Mark bundle as not supporting multiuse< HTTP/1.1 200 OK< Date: Sun, 03 Apr 2022 14:13:35 GMT< Expires: -1< Cache-Control: private, max-age=0< Content-Type: text/html; charset=ISO-8859-1< P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."< Server: gws< X-XSS-Protection: 0< X-Frame-Options: SAMEORIGIN< Set-Cookie: AEC=AVQQ_LB3ZtfdU4cku43U7Qdo_c-ZwIuO45QgAWklIJhrePMbwGxssu7n8A; expires=Fri, 30-Sep-2022 14:13:35 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax< Set-Cookie: NID=511=nOfnqUz31txzRl-4e2lRB0PRVFywR16dmxdDhym-xJo1Dgiau5z2b1WfeC9ZiC8YBg2C6GhTjm8gEEu30VrYLaMURv6hV0e5jxI4kJaGweWtEhkz1Si4RN6ae0VHusVWMdMgF_U1EAMVJdUAfK3mpIIZX4oqTV4uoKAbdo3KZtY; expires=Mon, 03-Oct-2022 14:13:35 GMT; path=/; domain=.google.com; HttpOnly< Accept-Ranges: none< Vary: Accept-Encoding< Transfer-Encoding: chunked<{ [6292 bytes data]* Connection #0 to host www.google.com left intact
Применим протокол HTTPS, но пытаемся использовать другой протокол.
curl --silent --verbose --proto-default https --proto =https --output /dev/null http://google.com* Protocol "http" not supported or disabled in libcurl* Closing connection -1
Определим принятый протокол для назначения перенаправления
Применим протокол HTTPS для назначения перенаправления.
curl --location --silent --verbose --proto-redir =https --output /dev/null https://google.com* Trying 216.58.209.14:443...* Connected to google.com (216.58.209.14) port 443 (#0)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crt* CApath: /etc/ssl/certs} [5 bytes data]* TLSv1.3 (OUT), TLS handshake, Client hello (1):} [512 bytes data]* TLSv1.3 (IN), TLS handshake, Server hello (2):{ [122 bytes data]* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):{ [15 bytes data]* TLSv1.3 (IN), TLS handshake, Certificate (11):{ [6385 bytes data]* TLSv1.3 (IN), TLS handshake, CERT verify (15):{ [78 bytes data]* TLSv1.3 (IN), TLS handshake, Finished (20):{ [52 bytes data]* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):} [1 bytes data]* TLSv1.3 (OUT), TLS handshake, Finished (20):} [52 bytes data]* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384* ALPN, server accepted to use h2* Server certificate:* subject: CN=*.google.com* start date: Mar 17 10:26:08 2022 GMT* expire date: Jun 9 10:26:07 2022 GMT* subjectAltName: host "google.com" matched cert's "google.com"* issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1C3* SSL certificate verify ok.* Using HTTP2, server supports multi-use* Connection state changed (HTTP/2 confirmed)* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0} [5 bytes data]* Using Stream ID: 1 (easy handle 0x55b8f3d915e0)} [5 bytes data]> GET / HTTP/2> Host: google.com> user-agent: curl/7.74.0> accept: */*>{ [5 bytes data]* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [279 bytes data]* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [279 bytes data]* old SSL session ID is stale, removing{ [5 bytes data]* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!} [5 bytes data]< HTTP/2 301< location: https://www.google.com/< content-type: text/html; charset=UTF-8< date: Sun, 03 Apr 2022 14:19:05 GMT< expires: Sun, 03 Apr 2022 14:19:05 GMT< cache-control: private, max-age=2592000< server: gws< content-length: 220< x-xss-protection: 0< x-frame-options: SAMEORIGIN< set-cookie: CONSENT=PENDING+640; expires=Tue, 02-Apr-2024 14:19:05 GMT; path=/; domain=.google.com; Secure< p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."< alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"<{ [5 bytes data]* Ignoring the response-body{ [220 bytes data]* Connection #0 to host google.com left intact* Issue another request to this URL: 'https://www.google.com/'* Trying 172.217.20.196:443...* Connected to www.google.com (172.217.20.196) port 443 (#1)* ALPN, offering h2* ALPN, offering http/1.1* successfully set certificate verify locations:* CAfile: /etc/ssl/certs/ca-certificates.crt* CApath: /etc/ssl/certs} [5 bytes data]* TLSv1.3 (OUT), TLS handshake, Client hello (1):} [512 bytes data]* TLSv1.3 (IN), TLS handshake, Server hello (2):{ [122 bytes data]* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):{ [15 bytes data]* TLSv1.3 (IN), TLS handshake, Certificate (11):{ [4002 bytes data]* TLSv1.3 (IN), TLS handshake, CERT verify (15):{ [80 bytes data]* TLSv1.3 (IN), TLS handshake, Finished (20):{ [52 bytes data]* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):} [1 bytes data]* TLSv1.3 (OUT), TLS handshake, Finished (20):} [52 bytes data]* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384* ALPN, server accepted to use h2* Server certificate:* subject: CN=www.google.com* start date: Mar 17 11:49:13 2022 GMT* expire date: Jun 9 11:49:12 2022 GMT* subjectAltName: host "www.google.com" matched cert's "www.google.com"* issuer: C=US; O=Google Trust Services LLC; CN=GTS CA 1C3* SSL certificate verify ok.* Using HTTP2, server supports multi-use* Connection state changed (HTTP/2 confirmed)* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0} [5 bytes data]* Using Stream ID: 1 (easy handle 0x55b8f3d915e0)} [5 bytes data]> GET / HTTP/2> Host: www.google.com> user-agent: curl/7.74.0> accept: */*>{ [5 bytes data]* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [279 bytes data]* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):{ [279 bytes data]* old SSL session ID is stale, removing{ [5 bytes data]* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!} [5 bytes data]< HTTP/2 200< date: Sun, 03 Apr 2022 14:19:06 GMT< expires: -1< cache-control: private, max-age=0< content-type: text/html; charset=ISO-8859-1< p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."< server: gws< x-xss-protection: 0< x-frame-options: SAMEORIGIN< set-cookie: AEC=AVQQ_LB1sZDSG2ChWNJw7IudtiDvqUlipXCNRkGWyB73ny6ZuRVBafI-wro; expires=Fri, 30-Sep-2022 14:19:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax< set-cookie: CONSENT=PENDING+266; expires=Tue, 02-Apr-2024 14:19:05 GMT; path=/; domain=.google.com; Secure< alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"< accept-ranges: none< vary: Accept-Encoding<{ [5 bytes data]* Connection #1 to host www.google.com left intact
Применим протокол HTTPS для назначения перенаправления, но попробуем использовать протокол HTTP.
curl --location --silent --verbose --proto-redir =https --output /dev/null http://google.com* Trying 216.58.209.14:80...* Connected to google.com (216.58.209.14) port 80 (#0)> GET / HTTP/1.1> Host: google.com> User-Agent: curl/7.74.0> Accept: */*>* Mark bundle as not supporting multiuse< HTTP/1.1 301 Moved Permanently< Location: http://www.google.com/< Content-Type: text/html; charset=UTF-8< Date: Sun, 03 Apr 2022 14:19:11 GMT< Expires: Tue, 03 May 2022 14:19:11 GMT< Cache-Control: public, max-age=2592000< Server: gws< Content-Length: 219< X-XSS-Protection: 0< X-Frame-Options: SAMEORIGIN<* Ignoring the response-body{ [219 bytes data]* Connection #0 to host google.com left intact* Issue another request to this URL: 'http://www.google.com/'* Protocol "http" not supported or disabled in libcurl* Closing connection -1
Прочитайте страницу руководства curl для более подробной информации и просто объедините эти опции вместе.
см. также: