Actually, it seems that most programs ignore the openssl.cnf anyway for security(?) reasons. Played a bit with MinTlsVersion and it did not change the request which is being sent. Luckily I could ask the DevOps for the nginx versions used and they have versions with the openssl 3 fix; that comes with nginx 1.21.2. Maybe there is a firewall setting causing this. Would not be the first time, hah... I will see.
But anwyay, as the openssl.cnf is ignored anyway this report is quite invalid - does not help. :-D -- That error message has sent me on a journey, o dear. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/2055304 Title: openssl 3.0.2 backport IgnoreUnexpectedEOF ssl config option from 3.2 Status in openssl package in Ubuntu: New Bug description: I get "Closing connection 0 curl: (35) error:0A000126:SSL routines::unexpected eof while reading" accessing some web servers. AFAIS "SSL_OP_IGNORE_UNEXPECTED_EOF" can help here. With 3.2[0] it can be configured in openssl.cnf, whereas 3.0[1] cannot. Would you mind to backport the mini patch[2] to be configured with 3.0, too? Example: $ tail -n 3 /etc/ssl/openssl.cnf [system_default_sect] CipherString = DEFAULT:@SECLEVEL=2 Options = IgnoreUnexpectedEOF [0] https://www.openssl.org/docs/man3.2/man3/SSL_CONF_cmd.html [1] https://www.openssl.org/docs/man3.0/man3/SSL_CONF_cmd.html [2] https://github.com/openssl/openssl/commit/51cf034433d528876f3c235c5150c5acfe88f24d To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2055304/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
