Try get webpage:
tr := &http.Transport{ TLSHandshakeTimeout: 30 * time.Second, DisableKeepAlives: true, } client := &http.Client{Transport: tr} req, err := http.NewRequest("GET", "https://www.fl.ru/", nil) if err != nil { log.Fatalf("%s\n", err); } resp, err := client.Do(req); if err != nil { log.Fatalf("%s\n", err); } defer resp.Body.Close()
Get https://www.fl.ru/: remote error: handshake failure.
If I try to get another HTTPS page - all is OK.
That server only supports a few, weak ciphers:
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK TLS_RSA_WITH_RC4_128_SHA (0x5) WEAK
If you really must connect to that server, Go does support the last cipher in the list, but not by default. Create a client with a new tls.Config specifying the cipher you want:
t := &http.Transport{ Proxy: http.ProxyFromEnvironment, Dial: (&net.Dialer{ Timeout: 30 * time.Second, KeepAlive: 30 * time.Second, }).Dial, TLSHandshakeTimeout: 10 * time.Second, TLSClientConfig: &tls.Config{ CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA}, }, }
翻译