Below example used to work on a fresh install of EEM 12.6.8.0 or older.   But with EEM 12.6.9.0, the error occurs on a fresh install itself.

curl -u <username>:<password> <hostname>.<example>.<com>:5250/spin/eiam --trace-asci /tmp/dump.txt
== Info:   Trying 1##.##.##.##...
== Info: TCP_NODELAY set
== Info: Connected to localhost (##.##.##.##) port 5250 (#0)
== Info: Server auth using Basic with user '<username>'
=> Send header, 142 bytes (0x8e)
0000: GET /spin/eiam HTTP/1.1
0019: Host:<hostname>.<example>.<com>:5250
002f: Authorization: Basic ########################
0066: User-Agent: curl/7.61.1
007f: Accept: */*
008c:
== Info: Recv failure: Connection reset by peer
== Info: Closing connection 0
curl: (56) Recv failure: Connection reset by peer

AutoSys Workload Automation

The reason why the old way worked is because EEM allowed HTTP to HTTPS redirection prior to 12.6.9.0 (and then promoted everything to HTTPS after the initial connection).  Starting 12.6.9.0,  http to https redirection is blocked 

 That's why a curl without https, will result in a connection reset by peer.  When you use curl with https,  EEM server accepts the connection and so no error.

Include HTTPS protocol, example:  https://localhost:5250/spin/eiam   for the URL being tested through curl.

Example: curl -u <username>:<password> https://<hostname>.<example>.<com>:5250/spin/eiam --trace-asci /tmp/dump.txt -k 

Note: -k is to accept a self signed certificate, which is what an EEM install configures on a fresh install