Your message dated Wed, 02 Dec 2015 08:49:10 +0200
with message-id <[email protected]>
and subject line Re: Bug#806426: Some TLS certificates not suppoprted
has caused the Debian Bug report #806426,
regarding Some TLS certificates not suppoprted
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
806426: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806426
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libgnutls-deb0-28
Version: 3.3.8-6+deb8u3
I can't connect to many https hosts using Debian 8.2:
$ gnutls-cli google.com
Processed 173 CA certificate(s).
Resolving 'google.com'...
Connecting to '216.58.209.142:443'...
|<1>| Received record packet of unknown type 72
*** Fatal error: An unexpected TLS packet was received.
*** Handshake has failed
GnuTLS error: An unexpected TLS packet was received.
$ gnutls-cli freedns.afraid.org
Processed 173 CA certificate(s).
Resolving 'freedns.afraid.org'...
Connecting to '50.23.197.94:443'...
|<1>| Received record packet of unknown type 72
*** Fatal error: An unexpected TLS packet was received.
*** Handshake has failed
GnuTLS error: An unexpected TLS packet was received.
$ wget https://google.com
converted 'https://google.com' (ANSI_X3.4-1968) -> 'https://google.com'
(UTF-8)
--2015-11-27 14:05:55-- https://google.com/
Resolving google.com (google.com)... 216.58.209.142,
2a00:1450:400f:804::200e
Connecting to google.com (google.com)|216.58.209.142|:443... connected.
GnuTLS: An unexpected TLS packet was received.
Unable to establish SSL connection.
--- End Message ---
--- Begin Message ---
On Wed 2015-12-02 07:12:36 +0200, Aleś Bułojčyk wrote:
> On 30 November 2015 at 22:42, Daniel Kahn Gillmor <[email protected]>
> wrote:
>>
>> This is bizarre and looks to me like a packet being tampered with on the
>> wire.
>
> You are right. It was my wrong firewall rules for 443->4443 port forwarding
> for be able to run server on non-privileged port.
>
> I'm terrible sorry. After disable this firewall rule, I'm able to connect
> to all https without problem.
I'm glad you figured it out! Thanks for reporting back and letting us
know. This message should close the bug.
All the best,
--dkg
--- End Message ---