problem
The online server uses curl to access the Apple interface, and the access error is shown in the figure
Both ip access and domain name access are reported errors, local access interface address is normal, ping is also normal, only online server access is reported
Troubleshoot
Since I have not encountered a similar situation, other servers in the same region can be accessed normally, and only one project server cannot be accessed. Initially, I suspected the DNS problem. It was found that the DNS problem could not be solved by switching DNS.
Look at the error report in more detail through curl -v
curl -X GET https://appleid.apple.com/auth/keys -v
From the above figure, it is found that the error is related to NSS. After checking the data, it may be that nss needs to be upgraded, so find the same type of server in the test environment to test the upgrade.
yum install nss libcurl -y;yum update nss libcurl -y
Back to normal
to sum up
This problem is caused by the low curl and nss versions of centos6.x used in the production environment. After the upgraded version, it can be accessed normally.