[Bug 1035558] Re: SSL handshake error when connecting to api.samurai.feefighters.com

Scott Wagner ham at scottwagner.me
Sun Aug 12 08:39:13 UTC 2012 

I've done some further testing. First I recompiled OpenSSL with SSLv2
support. I received the same error when connecting to
api.samurai.feefighters.com. I went back to the command line and tested
more options to try and narrow down the problem. Here are the results:

openssl s_client -connect api.samurai.feefighters.com:443 -ssl2            Error (expected as remote server has disabled SSLv2)
openssl s_client -connect api.samurai.feefighters.com:443 -ssl3            Works
openssl s_client -connect api.samurai.feefighters.com:443 -tls1            Works
openssl s_client -connect api.samurai.feefighters.com:443 -tls1_1       Error
openssl s_client -connect api.samurai.feefighters.com:443 -tls1_2       Error

openssl s_client -connect api.samurai.feefighters.com:443 -no_ssl2       Error
openssl s_client -connect api.samurai.feefighters.com:443 -no_ssl3       Error
openssl s_client -connect api.samurai.feefighters.com:443 -no_tls1       Error
openssl s_client -connect api.samurai.feefighters.com:443 -no_tls1_1  Works
openssl s_client -connect api.samurai.feefighters.com:443 -no_tls1_2  Error

The second to last line demonstrates to me that the remote server is
configured to prefer TLSv1.1, and somewhere there is a bug which is
causing the connection to fail when using TLSv1.1. There is also an
error when using TLSv1.2 but I am uncertain if the remote server
supports TLSv1.2

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1035558

Title:
  SSL handshake error when connecting to api.samurai.feefighters.com

Status in “openssl” package in Ubuntu:
  New

Bug description:
  I am receiving an SSL handshake error when connecting to my credit
  card gateway. Ubuntu version is 12.04. OpenSSL version is
  1.0.1-4ubuntu5.3. Server is running on an OpenStack VPS

  I can connect to the gateway without errors from Ubuntu 10.04 and
  Fedora 17. Interestingly, if I specify SSLv3 (openssl s_client
  -connect api.samurai.feefighters.com:443 -ssl3) then I can connect
  without errors. I find that interesting and unexpected becuase
  api.samura.feefighters.com does not accept SSLv2 connections, and
  because I understand that the version of OpenSSL included in Ubuntu
  12.04 is compiled without SSLv2 support.

  I have attached the output of "openssl s_client -connect
  api.samurai.feefighters.com:443 -debug"

  Let me know if there is any other information I can provide.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1035558/+subscriptions

More information about the foundations-bugs mailing list