Blog Home Techstacks Home Techstacks Tools Home HOWTO Guides About « Is no one safe from SpringSource? | Main | JBoss Takes on SpringSource with Open Choice Trio » 03/18/2010 3 current community chat Stack Overflow Meta Stack Overflow your communities Sign up or log in to customize your list. i have tried to add "CURLOPT_SSL_VERIFYPEER = false", but it is still. If so, I doubt it's a MacPorts-specific problem, since all we did was update the openssl port to version 1.0.1. this contact form
comment:13 Changed 5 years ago by ryandesign (Ryan Schmidt) It seems not to be broken in all circumstances, nor even for all users, according to what mww wrote above. My 21-year-old adult son hates me How to draw a clock-diagram? Skip to content Ignore Learn more Please note that GitHub no longer supports old versions of Firefox. Browse other questions tagged php facebook facebook-graph-api curl ssl or ask your own question.
Of course, I was using RSA keys, so that may affect the mileage.Basically, I had to remove the ----BEGIN... It does the key exchange, but when ciphering comes on the connection is reset by the server. thanks.
What to do when majority of the students do not bother to do peer grading assignment? Last edited by shenson (2012-03-29 17:31:16) Offline #21 2012-03-29 17:45:57 Pierre Developer From: Bonn Registered: 2004-07-05 Posts: 1,950 Website Re: OpenSSL 1.0.1 is broken (AES-CBC issue) @shenson: Thanks for joining us what am i but an extension of you? My 21-year-old adult son hates me Who was Mikael Blomkvist with at the end of the movie and why did Lisbeth hate it so much?
Could you verify that your certification settings are correct and try for a different server to check if the issue is related to your server. Why is C# Dim a Chord in B Minor? What actually happened? The Destination Site Does Not Like the Protocol Let's take my Techstacks Tools site as an example.
Search: GitHub LoginPreferencesMy Notifications TicketsWikiGitHubTimelineRoadmapTicket ReportsSearch Context Navigation ← Previous TicketNext Ticket → Opened 5 years ago Closed 5 years ago #33715 closed defect (worksforme) openssl 1.0.1 breaks multiple ports Reported How much more than my mortgage should I charge for rent? those are on my local. Also, on 1.0.1_1 with asm on, all the tests passed for me too.
If so, I doubt it's a MacPorts-specific problem, since all we did was update the openssl port to version 1.0.1. http://blog.techstacks.com/2010/03/3-common-causes-of-unknown-ssl-protocol-errors-with-curl.html Last edited by nullvoid (2012-03-22 15:00:52) Offline #2 2012-03-21 22:09:57 nullvoid Member Registered: 2009-01-18 Posts: 33 Re: OpenSSL 1.0.1 is broken (AES-CBC issue) Turns out the problem was related to which What are the German equivalents of “First World War”, “World War I”, and “WWI”? I resolved the issue by downgrading openssl and openssh.
Browse other questions tagged php facebook-php-sdk or ask your own question. http://crimsonskysoftware.com/unknown-ssl/unknown-ssl-protocol-error-in-connection-to-443.html What certification setting do I need to check ? What is way to eat rice with hands in front of westerners such that it doesn't appear to be yucky? The Finslerian version of the Nash embedding theorem Why does removing Iceweasel nuke GNOME?
sorry no addtl info from me, just a "damn this sucks and maybe we should rollback? :-)" comment. We recommend upgrading to the latest Safari, Google Chrome, or Firefox. Regards Rob Parker Technical Manager Avalanche Search Marketing Inc.
Once replaced with the correct, more-up-to-date version, everything worked again. Your Answer draft saved draft discarded Sign up or log in Sign up using Google Sign up using Facebook Sign up using Email and Password Post as a guest Name comment:29 Changed 5 years ago by [email protected] FWIW, I discovered this ticket in pursuit of a hang in a ruby SOAP client. Seems not curl, but openssl is broken, others have similar problems, see for example https://bbs.archlinux.org/viewtopic.php?pid=1076140 If indeed openssl is the problem, I'd suggest changing the priority to highest.
UPDATE (March 15, 2012): Since publishing this post two years ago, I have learned that you can see unknown protocol errors for another somewhat common reason. comment:3 follow-up: ↓ 26 Changed 5 years ago by ryandesign (Ryan Schmidt) I'm not familiar with the option "-14k" but I get: $ curl -14k https://api-aa-3t.paypal.com/2.0 curl: (35) Unknown SSL protocol error Why does Wikipedia list an improper pronunciation of Esperanto? Without "-m5" all the examples without "-3" produce this error: $ curl https://18.104.22.168/oauth/access_token curl: (35) Unknown SSL protocol error in connection to 22.214.171.124:443 ack.
If you disable Elliptic curve (ECC) algorithms using no-ec at Configure time it reduces the size of the client hello and it works on several servers I've tested.Side effect of that Thanks in advance, Bar. Try the solution here first: stackoverflow.com/a/9915635/109611 –asuth Mar 29 '12 at 19:29 add a comment| Your Answer draft saved draft discarded Sign up or log in Sign up using Google I expect this reduces the length of the “client hello” and that allows things to work.
Extly.com is not affiliated with or endorsed by Open Source Matters or the Joomla! UPDATE (March 15, 2012): Since publishing this post two years ago, I have learned that you can see unknown protocol errors for another somewhat common reason. I was able to get things working with openssl 1.0.1 by: installing the openssl 1.0.1 library from source and applying http://cvs.openssl.org/chngview?cn=22286 applying http://cvs.openssl.org/chngview?cn=22306 building with -DOPENSSL_NO_TLS1_2_CLIENT setting the OpenSSL::SSL::Context#options to OpenSSL::SSL::OP_NO_TLSv1 In their case it would have failed on the call to delete the photo from the album and leave it only in cover photos.
Offline #19 2012-03-29 15:29:44 extofme Member From: here + now Registered: 2009-10-10 Posts: 174 Website Re: OpenSSL 1.0.1 is broken (AES-CBC issue) i am also failing to connect to my companies I couldn't understand anything. –Ganesh Jadhav Jan 28 '14 at 5:55 add a comment| Your Answer draft saved draft discarded Sign up or log in Sign up using Google Sign Mar 22 14:20:47 CEST: SSH1: sent protocol version id SSH-2.0-Cisco-1.25 Mar 22 14:20:47 CEST: SSH1: protocol version id is - SSH-2.0-OpenSSH_5.9 ... Is there a word for "timeless" that doesn't imply the passage of time?