Using the advice here: http://blog.techstacks.com/2008/09/securing-ssl- in-tomcat-part-two.html - in other words, constraining the ciphers allowed in my tomcat server's SSL connector definition, made the problem go away.
curl now works on the openssl 1.0.0 clients without -3 the attached perl script also now works on the openssl 1.0.0 clients To clarify, the full text of the error message I was getting looked like (from curl): curl: (35) error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error And from perl: ./test.pl Can't connect to solr-server.example.org:8443 LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error at /usr/share/perl5/LWP/Protocol/http.pm line 51. 500 Can't connect to solr-server.example.org:8443 at ./test.pl line 19. ** Attachment added: "example perl script to test LWP::UserAgent" https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/861137/+attachment/2604458/+files/test.pl -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/861137 Title: Openssl TLS errors while connecting to SSLv3 sites To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/861137/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs