[Bug 1636124] Re: openssl lacks support for TLSv1 and TLSv1.1

Marc Deslauriers marc.deslauriers at canonical.com
Mon Oct 24 16:37:20 UTC 2016 

OpenSSL in Ubuntu 16.04 LTS does include support for TLSv1 and TLSv1.1:

$ openssl s_client -connect www.ubuntu.com:443 -tls1
CONNECTED(00000003)
<snip> 
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-SHA
<snip>
    Protocol  : TLSv1
    Cipher    : ECDHE-RSA-AES128-SHA

$ openssl s_client -connect www.ubuntu.com:443 -tls1_1
CONNECTED(00000003)
<snip> 
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-SHA
<snip>
    Protocol  : TLSv1.1
    Cipher    : ECDHE-RSA-AES128-SHA


Could you please give details about your server configuration?


** Changed in: openssl (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1636124

Title:
  openssl lacks support for TLSv1 and TLSv1.1

Status in openssl package in Ubuntu:
  Incomplete

Bug description:
  OpenSSL in xenial (16.04) apparently lacks ciphers for both TLSv1 and
  TLSv1.1. This is causing problems, as my wife's mobile phone with an
  older version of Android does not support TLSv1.2 and thus cannot
  connect to my server running on 16.04 (Apache with mod_ssl).

  Can you please rebuild OpenSSL with the secure ciphers from TLSv1 and
  TLSv1.1 enabled?

  For reference, this list should also include TLSv1 and TLSv1.1: 
  openssl ciphers -v | awk '{print $2}' | sort | uniq
  SSLv3
  TLSv1.2

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: openssl 1.0.2g-1ubuntu4.5
  ProcVersionSignature: Ubuntu 4.4.0-45.66-generic 4.4.21
  Uname: Linux 4.4.0-45-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  Date: Mon Oct 24 10:27:58 2016
  InstallationDate: Installed on 2014-04-18 (919 days ago)
  InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2)
  ProcEnviron:
   TERM=xterm-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=de_DE.UTF-8
   SHELL=/bin/bash
  SourcePackage: openssl
  UpgradeStatus: Upgraded to xenial on 2016-07-30 (86 days ago)
  modified.conffile..etc.ssl.openssl.cnf: [modified]
  mtime.conffile..etc.ssl.openssl.cnf: 2015-06-05T16:54:36.431443

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1636124/+subscriptions

More information about the foundations-bugs mailing list