Private API Gateway URL is not accessible


I'm doing some PoC stuff around API Gateway, and I can't access the URL that API Gateway gives me after deploying the endpoint. I have a VPC endpoint set up with Private DNS turned on. I can access the API Gateway if I use one of the VPCE DNS names and set the Host header to the hostname of the provided API Gateway URL. But if I log into an instance in the same subnet and try to curl the URL that API Gateway gives me, I just get this:

$ curl -ivk https://{apiId}  
* About to connect() to {apiId} port 443 (#0)  
*   Trying {ip}... connected  
* Connected to {apiId} ({ip}) port 443 (#0)  
* Initializing NSS with certpath: sql:/etc/pki/nssdb  
* warning: ignoring value of ssl.verifyhost  
* NSS error -5961  
* Closing connection #0  
* SSL connect error  
curl: (35) SSL connect error  

What am I missing?

asked 5 years ago291 views
1 Answer

I discovered that the version of CentOS on the instance I was connecting with had an older version of curl which didn't handle the SSL transaction correctly. Launching a new instance with the Amazon Linux AMI resulted in a successful HTTP transaction.

answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions