Here is the output from a machine connecting to my server, once with it running 1.0.1c and also with it running 1.0.1e. I have spent hours trying to work this issue. I have it down to this: I have a two bootable partitions on my computer. The only relevant difference between them is the first has 1.0.1c, and the other has 1.0.1e. All other packages (Apache httpd, etc.) are the same versions between both. In particular, the contents of /etc/ssl, /usr/local/apache2/conf, the certificate files, etc., are all identical.
I can gather any debugging output needed. But does anyone have any idea, from this log, as to where to begin? I can certainly collect packet traces, etc. Thanks in advance for any suggestions! Successful connection using 1.0.1c: $ curl -v https://smtp.thesiblingrevelry.net * About to connect() to smtp.thesiblingrevelry.net port 443 (#0) * Trying 173.11.83.161... connected * Connected to smtp.thesiblingrevelry.net (173.11.83.161) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using DHE-RSA-AES256-SHA * Server certificate: * subject: O=smtp.thesiblingrevelry.net; OU=Domain Control Validated; CN=smtp.thesiblingrevelry.net * start date: 2009-04-02 18:08:35 GMT * expire date: 2019-04-02 18:08:35 GMT * subjectAltName: smtp.thesiblingrevelry.net matched * issuer: C=US; ST=Arizona; L=Scottsdale; O=GoDaddy.com, Inc.; OU=http://certificates.godaddy.com/repository; CN=Go Daddy Secure Certification Authority; serialNumber=07969287 * SSL certificate verify ok. > GET / HTTP/1.1 > User-Agent: curl/7.21.0 (i486-pc-linux-gnu) libcurl/7.21.0 OpenSSL/0.9.8o zlib/1.2.3.4 libidn/1.15 libssh2/1.2.6 > Host: smtp.thesiblingrevelry.net > Accept: */* > < HTTP/1.1 200 OK < Date: Sun, 17 Feb 2013 21:46:29 GMT < Server: Apache/2.4.3 (Unix) PHP/5.4.11 OpenSSL/1.0.1c < Last-Modified: Fri, 09 Nov 2012 17:38:03 GMT < ETag: "9e-4ce136b600d00" < Accept-Ranges: bytes < Content-Length: 158 < Content-Type: text/html < <HTML> <HEAD> <TITLE>The Sibling Revelry SMTP Support</TITLE> </HEAD> <BODY> There is nothing interesting at this level; go to another. </BODY> </HTML> * Connection #0 to host smtp.thesiblingrevelry.net left intact * Closing connection #0 * SSLv3, TLS alert, Client hello (1): FAILED connection with 1.0.1e: $ !! curl -v https://smtp.thesiblingrevelry.net * About to connect() to smtp.thesiblingrevelry.net port 443 (#0) * Trying 173.11.83.161... connected * Connected to smtp.thesiblingrevelry.net (173.11.83.161) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * Unknown SSL protocol error in connection to smtp.thesiblingrevelry.net:443 * Closing connection #0 curl: (35) Unknown SSL protocol error in connection to smtp.thesiblingrevelry.net:443 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
