On Mon, May 04, 2020 at 01:49:34PM +0200, Mark Jonas wrote: > Hi Reco, > > > > > Ok. Can you run tcpdump while you're running curl? > > > > Specifically, > > > > > > > > tcpdump -s0 -pnni any -w /tmp/curl.pcap tcp port 443 > > > > > > I tried to dump from within the running container but failed. > > > > It's way too complicated. Docker is basically a one big NAT, so please > > run tcpdump on a host instead. > > I used the identical image to run the container on an amhf host > (Raspberry Pi 3). So there is now no QEMU in the way. > > > But this hiccup gave me an idea - maybe libssl on armhf is perfectly > > fine, but it's qemu which fails to emulate certain CPU instruction. > > curl https://www.google.com still fails on the armhf host. So QEMU is > out of the game. Someone hinted at ca_certificates. To verify that, you could try with the option "-k" for curl. Then the server certificate isn't checked. Of course this may be a bad idea for a permanent "solution", but would allow you to bisect the problem. Cheers -- t
Attachment:
signature.asc
Description: Digital signature