Even though there's a lot of results on Google none of them seem to give an answer. I have a Debian box where I do this:

# curl https://localhost/api/v1/status --verbose
* About to connect() to localhost port 443 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Closing connection #0
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

I can't get passed the unknown protocol thing. I've tried -ssl -sslv3 but they get me nowhere. Actually, -sslv3 gets me slightly different results:

s# curl https://localhost/api/v1/status --verbose -sslv3
* About to connect() to localhost port 443 (#0)
*   Trying ::1...
* connected
* Connected to localhost (::1) port 443 (#0)
* successfully set certificate verify locations:
*   CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
* Closing connection #0

My virtualhost is configured as thus (fragment):

    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM

    SSLCertificateFile    /etc/apache2/ssl.key/xxx/ssl.cert
    SSLCertificateKeyFile /etc/apache2/ssl.key/xxx/xxx.xxx.key

    #   Server Certificate Chain:
    SSLCertificateChainFile /etc/apache2/ssl.key/sub.class1.server.ca.pem

    #   Certificate Authority (CA):
    SSLCACertificateFile /etc/apache2/ssl.key/ca.pem

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
    </Directory>
    BrowserMatch "MSIE [2-6]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
    # MSIE 7 and newer should be able to use keepalive
    BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

Any help would be highly appreciated.

edit: Update I think I found my own problem!

The Virtual Host was bound to the external interface, and curl was trying to connect over localhost. So it never ended up at the configured virtual host.

To fix this, I have created a new VirtualHost entry bound to 127.0.0.1:80 that only allows connections from localhost. For my purposes, that is enough.

Although it is not the case of the OP, the error "Unknown protocol" in cURL appears when you accidentally trying to call HTTP server using HTTPS, usually during local development.
Just mentioning it in case someone Googles this error and lands here.

curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol

I had this issue with curl as well, and it turns out I had a problem with my environment variables.

Normally, you can specify the proxy using http_proxy and https_proxy environment variables, but I was accidentally using the wrong value for https_proxy.

In my case, I had:

http_proxy=http://a.b.c.d:3128/
https_proxy=https://a.b.c.d:3128/

This was wrong, because (in my case at least) the https_proxy should not be using the HTTPS protocol, it should be the same as the http_proxy. Once I set both proxy environment variables to use only http://a.b.c.d:3128/ everything worked again.

So, in case this helps others, try:

http_proxy=http://a.b.c.d:3128/
https_proxy=http://a.b.c.d:3128/ # NOT HTTPS

Also an answer here: node-request - Getting error "SSL23_GET_SERVER_HELLO:unknown protocol"

Your server is using outdated SSLv2... you could try this as it is in the man pages:

curl https://localhost/api/v1/status --verbose --sslv2