Hi all, I have been searching for some time for a solution and I can not manage to solve my problem. I have a computer that can not connect to some sites, e.g. github, by using openssl. I am running a debian testing with all the updates available as of today, and libssl used is v1.0.2. If I execute: > openssl s_client -connect github.com:443 The only answer I get is: > CONNECTED(00000003) > 140058172421776:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > protocol:s23_clnt.c:794: --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 7 bytes and written 315 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > No ALPN negotiated > > SSL-Session: > Protocol : TLSv1.2 > Cipher : 0000 > Session-ID: > Session-ID-ctx: > Master-Key: > Key-Arg : None > PSK identity: None > PSK identity hint: None > SRP username: None > Start Time: 1451415453 > Timeout : 300 (sec) > Verify return code: 0 (ok) > > ---� I have created a network namespace and executed the program inside while sniffing the traffic with tcpdump (See attached file). If I execute ***the same*** openssl binary on my arch linux, the program works flawlessly. If I obtain also the traffic on the arch, I see a difference: in my debian there is no clienthello sent to the server, whereas in arch linux it is. I would consider, under these circumstances, that is an environment problem in my debian. Therefore I have executed the same command on a completely fresh bash, without any strange environment vars, obtaining the same result. Then I thought it could be related to any configuration file, but... I have not been able to find any :S Can somebody give any hint? I would really appreciate it. thank you! Felix -------------- next part -------------- A non-text attachment was scrubbed... Name: not_working.cap Type: application/vnd.tcpdump.pcap Size: 1815 bytes Desc: not available URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151229/d866d4c0/attachment-0001.cap>
