[Bug 861137] Re: Openssl TLS errors while connecting to SSLv3 sites

Mon, 27 Feb 2012 23:41:18 -0800 

OS : 11.10 oneiric
Server Side is : Jboss 5

> openssl version

OpenSSL 1.0.0e 6 Sep 2011

> curl --version

curl 7.21.6 (i686-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 
libidn/1.22 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp 
rtsp smtp smtps telnet tftp 
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

> curl  -v  -L --capath ~/temp --cacert ~/temp/ca-bundle.crt
https://SERVERIP:8443

* About to connect() to SERVERIP port 8443 (#0)
*   Trying SERVERIP... connected
* Connected to SERVERIP (SERVERIP) port 8443 (#0)
* successfully set certificate verify locations:
*   CAfile: /home/nagi/temp/ca-bundle.crt
  CApath: /home/nagi/temp/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
* Closing connection #0
curl: (35) error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert 
internal error

with option  -3:
> curl  -v -3  -L --capath ~/temp --cacert ~/temp/ca-bundle.crt 
> https://SERVERIP:8443

* About to connect() to SERVERIP port 8443 (#0)
*   Trying SERVERIP... connected
* Connected to SERVERIP (SERVERIP) port 8443 (#0)
* successfully set certificate verify locations:
*   CAfile: /home/nagi/temp/ca-bundle.crt
  CApath: /home/nagi/temp/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error
* Closing connection #0
curl: (35) error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal 
error

The ca-bundle.crt is created with firefox-db2pem.sh script in
http://curl.haxx.se/docs/caextract.html

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137

Title:
  Openssl TLS errors while connecting to SSLv3 sites

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/861137/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to