This might be better coming from the Ubuntu OpenSSL maintainer but I'm having an issue which the only current suggested fix/workaround is to downgrade to 1.0.0.
I have a website I am monitoring and the tool uses the CURL library which in turn uses the OpenSSL library. While all the browsers I've tried accept the certificate OpenSSL does not. The results are below. # cat /etc/lsb-release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=12.04 DISTRIB_CODENAME=precise DISTRIB_DESCRIPTION="Ubuntu 12.04.1 LTS" # uname -a Linux cnxmon 3.2.0-32-generic-pae #51-Ubuntu SMP Wed Sep 26 21:54:23 UTC 2012 i686 i686 i386 GNU/Linux # openssl version OpenSSL 1.0.1 14 Mar 2012 # openssl s_client -connect anthemnhequote.insurix.com:443 CONNECTED(00000003) 3077576328:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 226 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- I'm hoping that there is already a fix and I just have to nudge the maintainer to slurp up the fix. Or there is something I can do in IIS to get it to work. Darryl Baker Sr Application Support Engineer [cid:image001.png@01CDD3B7.172C5670] 18500 W Corporate Dr Suite 250 Brookfield, WI 53045 (262) 432-8252 http://www.connecture.com<http://www.connecture.com/> Follow Connecture on [cid:image002.png@01CDD3B7.172C5670] <http://www.twitter.com/Connecture>
<<inline: image001.png>>
<<inline: image002.png>>
