Whenever I try to connect to https://github.com from a Docker container running centos:7 (or any other image I've tried), the connection cannot be established:
$ curl https://github.com -v -m 5
* About to connect() to github.com port 443 (#0)
* Trying 20.248.137.48...
* Connected to github.com (20.248.137.48) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* Operation timed out after 5001 milliseconds with 0 out of 0 bytes received
* Closing connection 0
curl: (28) Operation timed out after 5001 milliseconds with 0 out of 0 bytes received
However, after I run ssh github.com I can access the site using HTTPS as well:
$ ssh github.com
Permission denied (publickey).
$ curl https://github.com -v -m 5
* About to connect() to github.com port 443 (#0)
* Trying 20.248.137.48...
* Connected to github.com (20.248.137.48) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* SSL connection using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=github.com,O="GitHub, Inc.",L=San Francisco,ST=California,C=US
* start date: Feb 14 00:00:00 2023 GMT
* expire date: Mar 14 23:59:59 2024 GMT
* common name: github.com
* issuer: CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1,O=DigiCert Inc,C=US
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: github.com
> Accept: */*
>
< HTTP/1.1 200 OK
This only works if I actually try to connect using SSH. I have tried adding the SSH key fingerprint using ssh-keyscan but it seems that this has no effect. The presence of the known_hosts file has no impact on whether or not I can connect using HTTPS.
How can I get this to work, without having to use SSH to authenticate the host first?
