It looks like the servers listed in the bug description require SIGN- RSA-SHA384, which gnutls26 doesn't support.
The issue can be reproduced with gnutls28 by disabling the additional signature algorithms: gnutls-cli --priority "NORMAL:-SIGN-ECDSA-SHA256:-SIGN-RSA-SHA384:-SIGN- ECDSA-SHA384:-SIGN-RSA-SHA512:-SIGN-ECDSA-SHA512:-SIGN-RSA-SHA224:-SIGN- DSA-SHA224:-SIGN-ECDSA-SHA224:-SIGN-ECDSA-SHA1" -d 256 sequencewiz.com Fixing this likely requires at least the following commit to be backported: https://gitlab.com/gnutls/gnutls/commit/75b493132239e824d671f4b09d1dfd0f7ca6a8b1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1444656 Title: GnuTLS TLS 1.2 handshake failure Status in gnutls26 package in Ubuntu: Invalid Status in gnutls26 source package in Trusty: Triaged Bug description: I'm experiencing the same issue as here: http://comments.gmane.org/gmane.network.gnutls.general/3713 I came across a SSL handshake problem with gnutls-cli when connecting to some websites, see below. It is somehow specific to gnutls as openssl/Chrome/Firefox can connect fine. Is this is a bug in gnutls or do you have any ideas how to troubleshoot it? $ gnutls-cli --version gnutls-cli (GnuTLS) 2.12.23 Packaged by Debian (2.12.23-12ubuntu2.1) $ gnutls-cli www.openlearning.com Resolving 'www.openlearning.com'... Connecting to '119.9.9.205:443'... *** Fatal error: A TLS fatal alert has been received. *** Received alert [40]: Handshake failed *** Handshake has failed GnuTLS error: A TLS fatal alert has been received. $ gnutls-cli sequencewiz.com Resolving 'sequencewiz.com'... Connecting to '50.112.144.117:443'... *** Fatal error: A TLS packet with unexpected length was received. *** Handshake has failed GnuTLS error: A TLS packet with unexpected length was received. Thank you, Please back port the latest GnuTLS to Trusty as it is an LTS release and clearly GnuTLS 2.12 is an old branch. I've also attached packet captures of this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1444656/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
