If it helps, this is affecting me on Wheezy as well. $ cat /etc/debian_version 7.8
$ openssl version OpenSSL 1.0.1e 11 Feb 2013 $ openssl s_client -connect example.com:443 CONNECTED(00000003) 140073850304168:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:749: Python script using requests and bs4: $ python rss.py /usr/local/lib/python2.7/dist-packages/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning. InsecurePlatformWarning Traceback (most recent call last): File "rss.py", line 19, in <module> feed = requests.get(x) File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 69, in get return request('get', url, params=params, **kwargs) File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 50, in request response = session.request(method=method, url=url, **kwargs) File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 465, in request resp = self.send(prep, **send_kwargs) File "/usr/local/lib/python2.7/dist-packages/requests/sessions.py", line 573, in send r = adapter.send(request, **kwargs) File "/usr/local/lib/python2.7/dist-packages/requests/adapters.py", line 431, in send raise SSLError(e, request=request) requests.exceptions.SSLError: [Errno 1] _ssl.c:504: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error Same script and URL using feedparser: $ python rss.py {'feed': {}, 'bozo': 1, 'bozo_exception': URLError(SSLError(1, '_ssl.c:504: error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error'),), 'entries': []} -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1475228 Title: openssl/curl error: SSL23_GET_SERVER_HELLO:tlsv1 alert internal error on TLS only configured server Status in openssl package in Ubuntu: New Bug description: (taken from http://askubuntu.com/questions/649000/openssl-curl-error- ssl23-get-server-hellotlsv1-alert-internal- error?noredirect=1#comment931621_649000) We encounter very strange problems connecting with openssl or curl to one of our servers, from Ubuntu 14.04 Executing: openssl s_client -connect ms.icometrix.com:443 gives: CONNECTED(00000003) 140557262718624:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:770: A similar error when executing: curl https://ms.icometrix.com curl: (35) error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error Output of openssl version (on client/server): OpenSSL 1.0.1f 6 Jan 2014 The funny thing is, the problem vanishes when connecting with other versions of Openssl: From a mac, OpenSSL 0.9.8zd 8 Jan 2015, all ok From centos, OpenSSL 1.0.1e-fips 11 Feb 2013, all ok Latest stable release on Ubuntu 14.04, OpenSSL 1.0.2d 9 Jul 2015, all ok. From server side, we do not see anything strange. The problem started when we disabled SSL3 on our machines. Might there be a problem with the build in the apt-get? We also test other versions, the one proposed by apt-cache showpkg, but the problem remains... BTW: I don't consider this the same as https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/861137?comments=al because, they're talking about SSL enabled servers. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1475228/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
