SSL not working if configured as file config

Hi,

I have this config file gunicorn.conf.py:

import multiprocessing

bind = ["127.0.0.1:20194", "0.0.0.0:5000"]
workers = 1 # multiprocessing.cpu_count() * 2 + 1
proc_name = "dimensigon"
keyfile = 'ssl/cert.pem'
certfile = 'ssl/key.pem'
ca_certs = 'ssl/ca.crt'

if I run gunicorn --conf file:app and execute a curl I get the following error:

$ curl -v --trace - https://127.0.0.1:20194
Warning: --trace overrides an earlier trace/verbose option
== Info:   Trying 127.0.0.1:20194...
== Info: TCP_NODELAY set
== Info: Connected to 127.0.0.1 (127.0.0.1) port 20194 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs
=> Send SSL data, 5 bytes (0x5)
0000: 16 03 01 02 00                                  .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03 45 cd 64 cd d7 c2 60 7b e2 4f ......E.d...`{.O
0010: 4f 4c 74 5e 11 af 86 7a 0d ca 0f 0b 1b 7c a8 4f OLt^...z.....|.O
0020: a4 9c 8f 9b ba 4a 20 2c f7 6d 4b a9 f0 4a 5c fe .....J ,.mK..J\.
0030: c0 a3 5a 43 f7 a3 5b 63 84 d3 cb c3 70 51 40 f7 ..ZC..[c....pQ@.
0040: 8b a7 e1 03 7f 18 bc 00 3e 13 02 13 03 13 01 c0 .......>.......
0050: 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 ,.0.........+./.
0060: 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 ..$.(.k.#.'.g...
0070: 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 ..9.....3.....=.
0080: 3c 00 35 00 2f 00 ff 01 00 01 75 00 0b 00 04 03 <.5./.....u.....
0090: 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 ................
00a0: 19 00 18 33 74 00 00 00 10 00 0e 00 0c 02 68 32 ...3t.........h2
00b0: 08 68 74 74 70 2f 31 2e 31 00 16 00 00 00 17 00 .http/1.1.......
00c0: 00 00 31 00 00 00 0d 00 30 00 2e 04 03 05 03 06 ..1.....0.......
00d0: 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 ................
00e0: 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 ................
00f0: 02 02 02 04 02 05 02 06 02 00 2b 00 09 08 03 04 ..........+.....
0100: 03 03 03 02 03 01 00 2d 00 02 01 01 00 33 00 26 .......-.....3.&
0110: 00 24 00 1d 00 20 cd ba 65 27 b1 f3 a9 7f 95 89 .$... ..e'.....
0120: 8a 06 66 69 bb 32 c7 e6 41 fc 70 cf 58 26 ee 97 ..fi.2..A.p.X&..
0130: d7 37 61 56 dd 0d 00 15 00 c6 00 00 00 00 00 00 .7aV............
0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
<= Recv SSL data, 5 bytes (0x5)
0000: 48 54 54 50 2f                                  HTTP/
== Info: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
== Info: Closing connection 0
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

but if I run without a config file gunicorn --keyfile ssl/key.pem --certfile=ssl/cert.pem dimensigon:app

$ curl -v --trace - https://127.0.0.1:20194
Warning: --trace overrides an earlier trace/verbose option
== Info:   Trying 127.0.0.1:20194...
== Info: TCP_NODELAY set
== Info: Connected to 127.0.0.1 (127.0.0.1) port 20194 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: successfully set certificate verify locations:
== Info:   CAfile: none
  CApath: /etc/ssl/certs
=> Send SSL data, 5 bytes (0x5)
0000: 16 03 01 02 00                                  .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03 d1 61 61 88 6b 30 55 aa b5 81 .......aa.k0U...
0010: 60 c6 4d 2a 74 be 06 21 94 e9 41 00 c5 44 a6 e2 `.M*t..!..A..D..
0020: 5b da 91 2c a9 09 20 85 50 c9 0e 28 f4 e8 a3 2d [..,.. .P..(...-
0030: 83 af 06 38 76 84 e1 46 b8 f8 e3 34 a3 5a 22 46 ...8v..F...4.Z"F
0040: 95 6c 2d 4d b4 2a 3f 00 3e 13 02 13 03 13 01 c0 .l-M.*?.>.......
0050: 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 ,.0.........+./.
0060: 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 ..$.(.k.#.'.g...
0070: 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 ..9.....3.....=.
0080: 3c 00 35 00 2f 00 ff 01 00 01 75 00 0b 00 04 03 <.5./.....u.....
0090: 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 ................
00a0: 19 00 18 33 74 00 00 00 10 00 0e 00 0c 02 68 32 ...3t.........h2
00b0: 08 68 74 74 70 2f 31 2e 31 00 16 00 00 00 17 00 .http/1.1.......
00c0: 00 00 31 00 00 00 0d 00 30 00 2e 04 03 05 03 06 ..1.....0.......
00d0: 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 ................
00e0: 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 ................
00f0: 02 02 02 04 02 05 02 06 02 00 2b 00 09 08 03 04 ..........+.....
0100: 03 03 03 02 03 01 00 2d 00 02 01 01 00 33 00 26 .......-.....3.&
0110: 00 24 00 1d 00 20 3a 41 52 8d 66 04 cf 49 55 25 .$... :AR.f..IU%
0120: 00 16 21 8b 00 35 06 75 e3 a8 99 70 75 bd 6b 66 ..!..5.u...pu.kf
0130: 94 d9 ec 8a 03 1e 00 15 00 c6 00 00 00 00 00 00 ................
0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
<= Recv SSL data, 5 bytes (0x5)
0000: 16 03 03 00 7a                                  ....z
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: 02 00 00 76 03 03 69 5f 48 92 9e c3 f9 2b ea 78 ...v..i_H....+.x
0010: 7f c8 6e dd bf a2 5a 7e bf f3 03 8e 3e 5e d6 b5 .n...Z~....>^..
0020: c1 23 09 b9 2a 74 20 85 50 c9 0e 28 f4 e8 a3 2d .#..*t .P..(...-
0030: 83 af 06 38 76 84 e1 46 b8 f8 e3 34 a3 5a 22 46 ...8v..F...4.Z"F
0040: 95 6c 2d 4d b4 2a 3f 13 02 00 00 2e 00 2b 00 02 .l-M.*?......+..
0050: 03 04 00 33 00 24 00 1d 00 20 7f 14 c8 35 f0 de ...3.$... ..5..
0060: 98 7d a8 61 1f 9d eb 61 a3 17 a9 06 8f c2 a2 bd .}.a...a........
0070: 03 f1 68 f4 8a 5e 07 3c 54 15                   ..h..^.<T.
<= Recv SSL data, 5 bytes (0x5)
0000: 14 03 03 00 01                                  .....
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 00 17                                  .....
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
<= Recv SSL data, 6 bytes (0x6)
0000: 08 00 00 02 00 00                               ......
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 09 80                                  .....
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 2415 bytes (0x96f)

I don't see the problem here...

thanks

@jamadden the ca-certs parameter is working in the command line as we can see when we execute the curl

(dimensigon) joan@joan-All-Series:~/dimensigon$ curl -v --trace - https://127.0.0.1:5000
Warning: --trace overrides an earlier trace/verbose option
== Info: Rebuilt URL to: https://127.0.0.1:5000/
== Info:   Trying 127.0.0.1...
== Info: TCP_NODELAY set
== Info: Connected to 127.0.0.1 (127.0.0.1) port 5000 (#0)
== Info: ALPN, offering h2
== Info: ALPN, offering http/1.1
== Info: successfully set certificate verify locations:
== Info:   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
=> Send SSL data, 5 bytes (0x5)
0000: 16 03 01 02 00                                  .....
== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):
=> Send SSL data, 512 bytes (0x200)
0000: 01 00 01 fc 03 03 f1 68 9f 88 5b f7 c6 fc 4d 07 .......h..[...M.
0010: ce 4c 6a 80 e3 9a 7b 1c 55 ea 4f ce 2a 6a 92 41 .Lj...{.U.O.*j.A
0020: 4b 68 a5 5d 44 b1 20 35 d9 1c 63 97 1d 26 0d 7f Kh.]D. 5..c..&.
0030: b7 35 5b 8c 95 e2 40 97 c1 c6 2e a9 f0 ac 06 1a .5[...@.........
0040: 7c 38 52 ee 40 8d 29 00 3e 13 02 13 03 13 01 c0 |8R.@.).>.......
0050: 2c c0 30 00 9f cc a9 cc a8 cc aa c0 2b c0 2f 00 ,.0.........+./.
0060: 9e c0 24 c0 28 00 6b c0 23 c0 27 00 67 c0 0a c0 ..$.(.k.#.'.g...
0070: 14 00 39 c0 09 c0 13 00 33 00 9d 00 9c 00 3d 00 ..9.....3.....=.
0080: 3c 00 35 00 2f 00 ff 01 00 01 75 00 0b 00 04 03 <.5./.....u.....
0090: 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 ................
00a0: 19 00 18 33 74 00 00 00 10 00 0e 00 0c 02 68 32 ...3t.........h2
00b0: 08 68 74 74 70 2f 31 2e 31 00 16 00 00 00 17 00 .http/1.1.......
00c0: 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 ....0...........
00d0: 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 ................
00e0: 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 ................
00f0: 02 05 02 06 02 00 2b 00 09 08 03 04 03 03 03 02 ......+.........
0100: 03 01 00 2d 00 02 01 01 00 33 00 26 00 24 00 1d ...-.....3.&.$..
0110: 00 20 14 b7 4e 83 aa e0 f3 a2 13 43 b4 3d 6f ac . ..N......C.=o.
0120: fa 45 f9 b6 48 f9 05 cc 0b 1b fa de 02 c0 57 46 .E..H.........WF
0130: 76 5a 00 15 00 ca 00 00 00 00 00 00 00 00 00 00 vZ..............
0140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
01f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
<= Recv SSL data, 5 bytes (0x5)
0000: 16 03 03 00 7a                                  ....z
== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):
<= Recv SSL data, 122 bytes (0x7a)
0000: 02 00 00 76 03 03 85 84 cd c3 58 be 2c 57 fa 46 ...v......X.,W.F
0010: f5 a7 44 61 b0 a6 92 50 f1 c3 de 05 ec c7 60 38 ..Da...P......`8
0020: 9a 50 9b be 34 14 20 35 d9 1c 63 97 1d 26 0d 7f .P..4. 5..c..&.
0030: b7 35 5b 8c 95 e2 40 97 c1 c6 2e a9 f0 ac 06 1a .5[...@.........
0040: 7c 38 52 ee 40 8d 29 13 02 00 00 2e 00 2b 00 02 |8R.@.)......+..
0050: 03 04 00 33 00 24 00 1d 00 20 0f 47 4b c0 d3 b2 ...3.$... .GK...
0060: ed f2 dd 8f 34 9b 58 fb 3c ed 7c c5 ac f4 1d 1d ....4.X.<.|.....
0070: bf f9 7b 2f 5c b6 e0 4c 09 14                   ..{/\..L..
<= Recv SSL data, 5 bytes (0x5)
0000: 14 03 03 00 01                                  .....
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 00 17                                  .....
== Info: TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Unknown (8):
<= Recv SSL data, 6 bytes (0x6)
0000: 08 00 00 02 00 00                               ......
<= Recv SSL data, 5 bytes (0x5)
0000: 17 03 03 04 74                                  ....t
== Info: TLSv1.3 (IN), TLS Unknown, Certificate Status (22):
<= Recv SSL data, 1 bytes (0x1)
0000: 16                                              .
== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):
<= Recv SSL data, 1123 bytes (0x463)
0000: 0b 00 04 5f 00 00 04 5b 00 04 56 30 82 04 52 30 ..._...[..V0..R0
0010: 82 02 3a a0 03 02 01 02 02 14 73 f4 df 51 33 b6 ..:.......s..Q3.
0020: 5a b9 a8 5a f0 8d da d1 e8 95 ec 4f 0c f5 30 0d Z..Z.......O..0.
0030: 06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 4e 31 ..*.H........0N1
0040: 12 30 10 06 03 55 04 03 0c 09 64 69 6d 65 6e 73 .0...U....dimens
0050: 69 6f 6e 31 17 30 15 06 03 55 04 0a 0c 0e 4b 6e ion1.0...U....Kn
0060: 6f 77 54 72 61 64 65 20 53 2e 4c 2e 31 1f 30 1d owTrade S.L.1.0.
0070: 06 03 55 04 0b 0c 16 43 41 20 44 69 6d 65 6e 73 ..U....CA Dimens
0080: 69 6f 6e 20 64 69 6d 65 6e 73 69 6f 6e 30 1e 17 ion dimension0..
0090: 0d 32 30 30 32 31 37 31 36 33 30 34 35 5a 17 0d .200217163045Z..
00a0: 33 30 30 32 31 35 31 36 33 30 34 35 5a 30 78 31 300215163045Z0x1
00b0: 0f 30 0d 06 03 55 04 03 0c 06 75 62 75 6e 74 75 .0...U....ubuntu
00c0: 31 0b 30 09 06 03 55 04 06 13 02 45 53 31 12 30 1.0...U....ES1.0
00d0: 10 06 03 55 04 08 0c 09 42 61 72 63 65 6c 6f 6e ...U....Barcelon
00e0: 61 31 12 30 10 06 03 55 04 07 0c 09 42 61 72 63 a1.0...U....Barc
00f0: 65 6c 6f 6e 61 31 17 30 15 06 03 55 04 0a 0c 0e elona1.0...U....
0100: 4b 6e 6f 77 54 72 61 64 65 20 53 2e 4c 2e 31 17 KnowTrade S.L.1.
0110: 30 15 06 03 55 04 03 0c 0e 64 69 6d 65 6e 73 69 0...U....dimensi
0120: 67 6f 6e 2e 63 6f 6d 30 82 01 22 30 0d 06 09 2a gon.com0.."0...*
0130: 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 .H.............0
0140: 82 01 0a 02 82 01 01 00 b2 d4 34 82 e1 a8 d9 26 ..........4....&
0150: b9 1b fe 39 af 6a 0c 5f e0 75 78 01 66 9d a1 df ...9.j._.ux.f...
0160: 3b ed e2 62 d1 09 54 a4 15 1a f4 d7 51 52 64 97 ;..b..T.....QRd.
0170: 18 c2 10 aa 27 9b 03 61 b4 60 41 14 03 ab 79 52 ....'..a.`A...yR
0180: 85 a3 e9 b6 1e 77 42 e4 38 ab 23 fd b7 f5 a0 b0 .....wB.8.#.....
0190: 59 8d ee 70 0c 67 ab c9 a8 1e c1 54 83 1a 18 68 Y..p.g.....T...h
01a0: 14 38 cc 3d 2f 7a 6e 90 36 90 76 a8 15 0d 6d 71 .8.=/zn.6.v...mq
01b0: 8c 62 54 3c a5 d0 9d 1d fd d3 10 f8 fc 28 a8 ae .bT<.........(..
01c0: 2f 6a 85 24 75 dd 24 95 58 f3 16 bf 2c 63 a6 b1 /j.$u.$.X...,c..
01d0: 57 36 ab 25 49 a3 d8 54 50 d4 64 f7 e3 56 b9 63 W6.%I..TP.d..V.c
01e0: 33 7c 5c 9a ad 92 3d c3 70 5e 75 09 75 87 3c f2 3|\...=.p^u.u.<.
01f0: d4 fb b7 8a 72 77 7f b5 7c 31 9d fc e4 e5 59 b2 ....rw.|1....Y.
0200: dc 32 d3 1e 79 4c 4a 31 a1 09 fb ae 36 a1 9c 9b .2..yLJ1....6...
0210: 76 75 4b 4d 48 9c 92 5b 4f 1a d8 87 00 d3 76 e6 vuKMH..[O.....v.
0220: fc 95 ce b6 b8 cd 23 74 4a c4 cd b3 41 96 a5 11 ......#tJ...A...
0230: 69 82 f0 4f 32 13 a2 cd fa 2f 1b 4b 30 26 10 6c i..O2..../.K0&.l
0240: 32 24 7e 16 cd c4 f6 69 02 03 01 00 01 30 0d 06 2$~....i.....0..
0250: 09 2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 02 01 .*.H............
0260: 00 62 6c dc f0 2c 7e db 5a d6 88 84 6d 46 d9 9c .bl..,~.Z...mF..
0270: e7 05 92 d1 01 18 68 cb 35 39 cf 4d 81 76 04 69 ......h.59.M.v.i
0280: 8c f1 3e cc ed a1 e9 03 33 d3 7f e3 53 6e d1 a9 ..>.....3..Sn..
0290: 55 f0 3e a5 b1 61 07 73 37 8b 5e d4 5f 0e a5 35 U.>..a.s7.^._..5
02a0: ec 04 aa 9b 78 49 d1 29 50 8e 6c d3 f0 29 b2 3f ....xI.)P.l..).?
02b0: 18 5c fd ef bc 7f f2 34 43 c3 8a ef 1f 7b 18 3f .\....4C....{.?
02c0: d5 a3 9f d4 c5 fa a0 db 6d 17 49 db b2 fd 4b 47 ........m.I...KG
02d0: 4a 66 10 25 29 7f 6f 11 ee 0d 0e 4f b9 9e c0 6b Jf.%)o....O...k
02e0: 3f 89 a6 77 29 4a 7b a1 fc 2d c6 39 14 dc 37 7c ?..w)J{..-.9..7|
02f0: a9 e7 6a 8e 65 c2 a4 44 74 b0 58 76 1d e8 bf 7f ..j.e..Dt.Xv...
0300: 5a 57 9d 11 57 08 47 ee 53 6e f0 0c 95 43 4b ae ZW..W.G.Sn...CK.
0310: a7 f9 8d 94 26 f9 24 58 c5 2e 4c aa 59 a0 aa 66 ....&.$X..L.Y..f
0320: 21 29 79 92 65 41 26 fa 98 be 06 e8 d0 85 3d 2a !)y.eA&.......=*
0330: 69 e9 66 09 09 95 b5 cf d9 c2 33 26 f1 80 e4 68 i.f.......3&...h
0340: 05 9c 21 74 05 d7 18 78 38 d9 bf 8f ce 72 aa 45 ..!t...x8....r.E
0350: 17 90 d8 04 3b 37 16 d3 2d df 06 89 b7 a5 03 15 ....;7..-.......
0360: 6d 66 88 59 54 36 69 6e 97 72 de e0 ac ae 50 55 mf.YT6in.r....PU
0370: 64 d1 76 86 6a cd 09 71 26 e8 fd 01 60 e7 86 8b d.v.j..q&...`...
0380: 0f f9 a9 d9 00 39 52 c4 d9 5d a7 26 b1 50 b9 ae .....9R..].&.P..
0390: f2 e9 d7 c2 ee 67 66 17 3b 81 37 12 ff cb 65 ca .....gf.;.7...e.
03a0: d8 36 a9 61 31 fd 3e 65 87 94 c5 0c d2 a6 dc 5b .6.a1.>e.......[
03b0: 82 de 9c e4 28 d1 af 8b 97 8f d2 9f 00 36 a0 d4 ....(........6..
03c0: 3c 41 a5 93 11 b6 0d 50 60 18 30 ae fd 29 50 6e <A.....P`.0..)Pn
03d0: 33 34 46 bf c3 61 b0 fb fd a9 f9 3a a2 31 73 ec 34F..a.....:.1s.
03e0: 03 a1 38 d6 69 49 df 8b a2 7d 91 46 d7 c9 0e 57 ..8.iI...}.F...W
03f0: 17 1b 2f d7 f1 be 8b c3 6f 14 7f 0e a9 b0 50 e5 ../.....o....P.
0400: 46 74 59 f1 bc c1 b2 63 9f 75 00 a2 b0 a1 9e f9 FtY....c.u......
0410: 13 2e 8d 69 fe 5c cc 9d e8 ba 1c 92 a7 21 d9 68 ...i.\.......!.h
0420: d2 03 8a 19 00 cc a8 f3 34 f9 66 d3 32 65 b3 fa ........4.f.2e..
0430: fb 3d 07 c1 ca 6a 57 62 a7 7c 3f b2 3b e0 1c d3 .=...jWb.|?.;...
0440: c0 0b c5 e8 65 56 34 76 43 00 78 02 58 b8 da d5 ....eV4vC.x.X...
0450: bb 1c cf 71 a6 e0 94 3f 28 f8 be 05 04 68 30 b6 ...q...?(....h0.
0460: 18 00 00                                        ...
=> Send SSL data, 5 bytes (0x5)
0000: 15 03 03 00 02                                  .....
== Info: TLSv1.3 (OUT), TLS alert, Server hello (2):
=> Send SSL data, 2 bytes (0x2)
0000: 02 30                                           .0
== Info: SSL certificate problem: unable to get local issuer certificate
== Info: stopped the pause stream!
== Info: Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

benoitc / gunicorn

SSL not working if configured as file config #2272