** Also affects: python-apns-client (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Openssl TLS errors while connecting to SSLv3 site
Hi patrick,
we have exactly the same problem. Disabling SSL and everything related
to openssl just fails (and requests)
Nevertheless you told about this problem only occurring with TLS
versions other than 1.2, so I disabled all other TLS versions server
side, but the problem remains .
I checke
Hi Seth,
thank you for the quick reply. Actually the bug occurs with TLSv1 (not 1.2
apparently) and SSLv3. with pythons 2.7.9's ssl module it works for example
since it tries tls1.2 by default. I will add this information later I just
found it out since I needed a quick solution for a production
Patrick, I suggest filing a new bug; this bug is about TLS errors while
connecting to SSLv3 sites, but the site you listed specifically does not
support SSLv3:
https://www.ssllabs.com/ssltest/analyze.html?d=auslandsjahr%2dusa.com&s=104.28.16.100&latest
Thanks
--
You received this bug notificatio
Hi,
this Bug is unfortunately still active. Here is how to reproduce it:
$ curl https://auslandsjahr-usa.com --sslv3
$ curl --version
curl 7.35.0 (x86_64-pc-linux-gnu) libcurl/7.35.0 OpenSSL/1.0.1f zlib/1.2.8
libidn/1.28 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap
I checked all again and unfortunatrly I find the bug again. In my
scenario the server es a Tomcat webserver.
I changed the server's configuration, changing the ciphers options:
ciphers="SSL_RSA_WITH_RC4_128_SHA"
http://georgik.sinusgear.com/2012/02/19/tomcat-7-and-curl-ssl23_get_server_hellotls
I cannot deploy the bug with updated ubuntu 12.04
ii openssl
1.0.1-4ubuntu5.11
ii curl
7.22.0-3ubuntu4.7
curl 7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1
zlib/1.2.3.4 lib
Yes, that's the openssl version that gained TLSv1.1 support, which is
causing the remote server to close the connection. Passing -3 forces
openssl to use SSLv3 instead of TLSv1.1.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
I have been able to fix this with the `-3` tag. The culprit appears to
be OpenSSLv1.0+
This bug does not affect:
$ curl --version
curl 7.19.7 (i486-pc-linux-gnu) libcurl/7.19.7 OpenSSL/0.9.8k zlib/1.2.3.3
libidn/1.15
$ lsb_release -d
Description:Ubuntu 10.04.3 LTS
$ curl $URL
!connection!
$
The issue is actually with certain SSLv3 servers that don't understand
the TLSv1.1 handshake and are closing the connection. This unfortunately
can't be fixed on the client without disabling TLSv1.1, or forcing an
SSLv3 connection.
--
You received this bug notification because you are a member of
I can confirm that this bug is still present on Ubuntu 13.04. Is there
any news on when this will be fixed? Right now it is causing enormous
problems for us, to the point that we may have to ditch Ubuntu
altogether if it is not fixed!
--
You received this bug notification because you are a member
I just found that instead of restricting the available ciphers on the
Tomcat server as per comment #6 I am also able to workaround the problem
by just restricting the available ciphers that the Apache proxy uses by
adding "SSLProxyCipherSuite RC4-SHA" to my Apache VirtualHost config.
This makes mor
I have the same problem. My 10.04 Apache server reverse proxied my
Tomcat 6.0.24 OpenJDK server just fine. I just swapped out the 10.04
Apache server with a 12.04 Apache server and the proxy failed until I
used the solution mentioned in comment #6.
--
You received this bug notification because
** Tags added: oneiric
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Openssl TLS errors while connecting to SSLv3 sites
To manage notifications about this bug go to:
https://bugs.laun
Same problem here. Same on 12.04 when trying to wget from Tomcat 7
(OpenJDK7) using https.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Openssl TLS errors while connecting to SSLv3 si
I got the same problem here:
running a tomcat under ubuntu 10.4 and no problem connecting with it from
different servers
a new installed server with ubuntu 12.4 isn't able to wget something from the
tomcat (only with --secure-protocol=sslv3)
tomcat runs with openJDK
looking forward ;)
--
You
reproducible with "curl https://mds.datacite.org";.
** Changed in: openssl (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Openssl TLS er
The reproduction method given my graingert in comment #9 works
successfully for me now on 12.04, and no-one else has mentioned any
specific servers which exhibited the problem.
Therefore changing bug status to 'Incomplete' as it is impossible to
investigate at present.
** Changed in: openssl (Ubu
I'm with 64bit Ubuntu 12.04 and the problem is still present. I need to
debug a locally running tomcat and thankfully the workaround from
comment #6 worked for me too.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launch
ubuntu 12.04
I don't get this issue in wget, curl or openssl
But I do get this issue in python
import requests
requests.post("https://browserid.org/verify";, data={})
Traceback (most recent call last):
File "", line 1, in
File "/usr/local/lib/python2.7/dist-packages/requests/api.py", line 8
OS : 11.10 oneiric
Server Side is : Jboss 5
> openssl version
OpenSSL 1.0.0e 6 Sep 2011
> curl --version
curl 7.21.6 (i686-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4
libidn/1.22 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp
rtsp smtp
Hi!
Can someone please fix it!? - Because perl's LWP is affected I can't use
listadmin anymore. :(
Also the workaround
$ua->ssl_opts(verify_hostnames => 0);
doesn't work.
Please...! - And thanks! :)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
Using the advice here: http://blog.techstacks.com/2008/09/securing-ssl-
in-tomcat-part-two.html - in other words, constraining the ciphers
allowed in my tomcat server's SSL connector definition, made the problem
go away.
curl now works on the openssl 1.0.0 clients without -3
the attached perl scr
curl & perl LWP::UserAgent are working fine on an Ubuntu 10.04.3 LTS
server, which seems to have openssl 0.9.8k
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Openssl TLS errors while c
Also fails on Debian wheezy with openssl 1.0.0e-2.1
Interestingly it's failing with only one of our back-end webservices,
which runs tomcat 6.0.24
wget works without any extra options
curl works if I supply -3
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: openssl (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861137
Title:
Ope
perl's LWP with Crypt::SSLeay is also affected:
LWP::Protocol::https::Socket: SSL connect attempt failed with unknown
errorerror:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert
internal error at /usr/share/perl5/LWP/Protocol/http.pm line 51.
It worked before upgrading to Oneiric.
--
Yo
Tested python SOAPpy to use this to connect to WSDL servers. The same
error appears.
p = SOAPpy.WSDL.Proxy( 'https://localhost:8443/ejbca/ejbcaws/ejbcaws?wsdl',
config=c)
[Errno socket error] [Errno 1] _ssl.c:503: error:14077438:SSL
routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
htt
28 matches
Mail list logo
