we have quite the same problem in 22.04
we use openvpn client with PKI
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11_terminate - entered
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11h_terminate entry
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Terminating openssl
Apr 13 16:51:56 openvpn[12898]: PKCS#11: _pkcs11h_openssl_terminate
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Removing providers
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11h_removeProvider entry
reference='/usr/lib/libeToken.so'
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Removing provider
'/usr/lib/libeToken.so'
Apr 13 16:51:56 vpn-manager[12866]: recv:
>STATE:1649861516,EXITING,init_instance,,,,,
Apr 13 16:51:56 openvpn[12898]: PKCS#11: _pkcs11h_slotevent_notify entry
Apr 13 16:51:56 openvpn[12898]: PKCS#11: _pkcs11h_slotevent_notify return
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11h_removeProvider return
rv=0-'CKR_OK'
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Releasing sessions
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11h_token_freeTokenId entry
certificate_id=0x55c6e7e9a0b0
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11h_token_freeTokenId return
Apr 13 16:51:56 openvpn[12898]: PKCS#11:
pkcs11h_certificate_freeCertificateIdList entry cert_id_list=(nil)
Apr 13 16:51:56 openvpn[12898]: PKCS#11:
pkcs11h_certificate_freeCertificateIdList return
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Terminating slotevent
Apr 13 16:51:56 openvpn[12898]: PKCS#11: _pkcs11h_slotevent_terminate entry
Apr 13 16:51:56 openvpn[12898]: PKCS#11: _pkcs11h_slotevent_terminate return
Apr 13 16:51:56 openvpn[12898]: PKCS#11: Marking as uninitialized
Apr 13 16:51:56 openvpn[12898]: PKCS#11: pkcs11_terminate - return
but TLS seems to be expected SSLv3
Apr 13 16:51:54 openvpn[12898]: Incoming Ciphertext -> TLS
Apr 13 16:51:54 openvpn[12898]: SSL state (connect): SSLv3/TLS read server
certificate
Apr 13 16:51:54 openvpn[12898]: SSL alert (write): fatal: internal error
Apr 13 16:51:54 openvpn[12898]: OpenSSL: error:0A0C0103:SSL routines::internal
error
Apr 13 16:51:54 openvpn[12898]: TLS_ERROR: BIO read tls_read_plaintext error
Apr 13 16:51:54 openvpn[12898]: TLS Error: TLS object -> incoming plaintext
read error
Apr 13 16:51:54 openvpn[12898]: TLS Error: TLS handshake failed
dpkg -l | grep openvpn
ii network-manager-openvpn 1.8.18-1
amd64 network management framework (OpenVPN plugin core)
ii network-manager-openvpn-gnome 1.8.18-1
amd64 network management framework (OpenVPN plugin GNOME
GUI)
ii openvpn 2.5.5-1ubuntu3
amd64 virtual private network daemon
dpkg -l | grep openssl
ii libengine-pkcs11-openssl:amd64 0.4.11-1build3
amd64 OpenSSL engine for PKCS#11 modules
ii libxmlsec1-openssl:amd64 1.2.33-1build2
amd64 Openssl engine for the XML security library
ii openssl 3.0.2-0ubuntu1
amd64 Secure Sockets Layer toolkit - cryptographic
utility
ii perl-openssl-defaults:amd64 5build2
amd64 version compatibility baseline for Perl OpenSSL
packages
dpkg -l | grep opensc
ii opensc 0.22.0-1ubuntu2
amd64 Smart card utilities with support for PKCS#15
compatible cards
ii opensc-pkcs11:amd64 0.22.0-1ubuntu2
amd64 Smart card utilities with support for PKCS#15
compatible cards
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1960268
Title:
SSL handshake failed - VPN SSL broken in 22.04
Status in openssl package in Ubuntu:
Incomplete
Bug description:
I'm trying to connect with global protect VPN but fails at login with:
SSL handshake failed
Failed to load URL https://...
QtNetwork Error 6
Another VPN client does work but the rdp connection to a remote server fails
with:
transport_connect_tls:freerdp_set_last_error_ex ERRCONNECT_TLS_CONNECT_FAILED
---
ProblemType: Bug
ApportVersion: 2.20.11-0ubuntu76
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: KDE
DistroRelease: Ubuntu 21.10
InstallationDate: Installed on 2021-03-19 (325 days ago)
InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022)
Package: openssl 3.0.1-0ubuntu1
PackageArchitecture: amd64
ProcVersionSignature: Ubuntu 5.15.0-18.18-generic 5.15.12
Tags: wayland-session impish
Uname: Linux 5.15.0-18-generic x86_64
UpgradeStatus: Upgraded to impish on 2022-02-04 (3 days ago)
UserGroups: adm cdrom dialout dip docker input lpadmin lxd plugdev sambashare
sudo uinput
_MarkForUpload: True
---
ProblemType: Bug
ApportVersion: 2.20.11-0ubuntu76
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: KDE
DistroRelease: Ubuntu 22.04
InstallationDate: Installed on 2021-03-19 (325 days ago)
InstallationMedia: Kubuntu 20.10 "Groovy Gorilla" - Release amd64 (20201022)
Package: openssl 3.0.1-0ubuntu1
PackageArchitecture: amd64
ProcVersionSignature: Ubuntu 5.15.0-18.18-generic 5.15.12
Tags: wayland-session jammy
Uname: Linux 5.15.0-18-generic x86_64
UpgradeStatus: Upgraded to jammy on 2022-02-04 (3 days ago)
UserGroups: adm cdrom dialout dip docker input lpadmin lxd plugdev sambashare
sudo uinput
_MarkForUpload: True
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1960268/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
