After Ubuntu update to 18.4 SSL Error: bad extension





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







0















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2

CONNECTED(00000003)

140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad            extension:ssl/statem/extensions.c:391:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 70 bytes and written 183 bytes

Verification: OK

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

Protocol  : TLSv1.2

Cipher    : 0000

Session-ID: 

Session-ID-ctx: 

Master-Key: 

PSK identity: None

PSK identity hint: None

SRP username: None

Start Time: 1533142828

Timeout   : 7200 (sec)

Verify return code: 0 (ok)

Extended master secret: no

---


Example 2:



curl https://pypi.org -v

* Rebuilt URL to: https://pypi.org/

*   Trying 2a04:4e42:600::223...

* TCP_NODELAY set

* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (OUT), TLS alert, Server hello (2):

* error:141B306E:SSL routines:tls_collect_extensions:bad extension

* stopped the pause stream!

* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)

built on: reproducible build, date unspecified

platform: linux-x86_64

compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1""  -Wa,--noexecstack

OPENSSLDIR: "/usr/local/ssl"

ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.






18.04 ssl openssl tls







share|improve this question




















  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32


















0















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2

CONNECTED(00000003)

140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad            extension:ssl/statem/extensions.c:391:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 70 bytes and written 183 bytes

Verification: OK

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

Protocol  : TLSv1.2

Cipher    : 0000

Session-ID: 

Session-ID-ctx: 

Master-Key: 

PSK identity: None

PSK identity hint: None

SRP username: None

Start Time: 1533142828

Timeout   : 7200 (sec)

Verify return code: 0 (ok)

Extended master secret: no

---


Example 2:



curl https://pypi.org -v

* Rebuilt URL to: https://pypi.org/

*   Trying 2a04:4e42:600::223...

* TCP_NODELAY set

* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (OUT), TLS alert, Server hello (2):

* error:141B306E:SSL routines:tls_collect_extensions:bad extension

* stopped the pause stream!

* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)

built on: reproducible build, date unspecified

platform: linux-x86_64

compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1""  -Wa,--noexecstack

OPENSSLDIR: "/usr/local/ssl"

ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.






18.04 ssl openssl tls







share|improve this question




















  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32














0












0








0








After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2

CONNECTED(00000003)

140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad            extension:ssl/statem/extensions.c:391:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 70 bytes and written 183 bytes

Verification: OK

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

Protocol  : TLSv1.2

Cipher    : 0000

Session-ID: 

Session-ID-ctx: 

Master-Key: 

PSK identity: None

PSK identity hint: None

SRP username: None

Start Time: 1533142828

Timeout   : 7200 (sec)

Verify return code: 0 (ok)

Extended master secret: no

---


Example 2:



curl https://pypi.org -v

* Rebuilt URL to: https://pypi.org/

*   Trying 2a04:4e42:600::223...

* TCP_NODELAY set

* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (OUT), TLS alert, Server hello (2):

* error:141B306E:SSL routines:tls_collect_extensions:bad extension

* stopped the pause stream!

* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)

built on: reproducible build, date unspecified

platform: linux-x86_64

compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1""  -Wa,--noexecstack

OPENSSLDIR: "/usr/local/ssl"

ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.






18.04 ssl openssl tls







share|improve this question
















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2

CONNECTED(00000003)

140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad            extension:ssl/statem/extensions.c:391:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 70 bytes and written 183 bytes

Verification: OK

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

Protocol  : TLSv1.2

Cipher    : 0000

Session-ID: 

Session-ID-ctx: 

Master-Key: 

PSK identity: None

PSK identity hint: None

SRP username: None

Start Time: 1533142828

Timeout   : 7200 (sec)

Verify return code: 0 (ok)

Extended master secret: no

---


Example 2:



curl https://pypi.org -v

* Rebuilt URL to: https://pypi.org/

*   Trying 2a04:4e42:600::223...

* TCP_NODELAY set

* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/ssl/certs/ca-certificates.crt

  CApath: /etc/ssl/certs

* TLSv1.2 (OUT), TLS handshake, Client hello (1):

* TLSv1.2 (IN), TLS handshake, Server hello (2):

* TLSv1.2 (OUT), TLS alert, Server hello (2):

* error:141B306E:SSL routines:tls_collect_extensions:bad extension

* stopped the pause stream!

* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)

built on: reproducible build, date unspecified

platform: linux-x86_64

compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1""  -Wa,--noexecstack

OPENSSLDIR: "/usr/local/ssl"

ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.






18.04 ssl openssl tls




18.04 ssl openssl tls






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 2 '18 at 15:44







TopGun

















asked Aug 1 '18 at 17:21









TopGunTopGun

11




11








  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32














  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32








1




1





The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

– Matt Caswell
Aug 2 '18 at 8:14





The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

– Matt Caswell
Aug 2 '18 at 8:14













It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

– TopGun
Aug 2 '18 at 15:20







It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

– TopGun
Aug 2 '18 at 15:20















Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

– Matt Caswell
Aug 2 '18 at 20:45







Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

– Matt Caswell
Aug 2 '18 at 20:45















Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

– TopGun
Aug 4 '18 at 9:32





Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

– TopGun
Aug 4 '18 at 9:32










1 Answer
1






active

oldest

votes


















0














I face a similar problem:



   curl https://pypi.org -v

    * Rebuilt URL to: https://pypi.org/

    *   Trying 2a04:4e42:400::223...

    * TCP_NODELAY set

    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)

    * ALPN, offering h2

    * ALPN, offering http/1.1

    * successfully set certificate verify locations:

    *   CAfile: /etc/ssl/certs/ca-certificates.crt

      CApath: /etc/ssl/certs

    * TLSv1.2 (OUT), TLS handshake, Client hello (1):

    * TLSv1.2 (IN), TLS handshake, Server hello (2):

    * TLSv1.2 (IN), TLS handshake, Certificate (11):

    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):

    * TLSv1.2 (IN), TLS handshake, Server finished (14):

    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):

    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):

    * TLSv1.2 (OUT), TLS handshake, Finished (20):

    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 

    * stopped the pause stream!

    * Closing connection 0

    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 



OpenSSL 1.1.0g  2 Nov 2017



ldd /usr/bin/openssl

    linux-vdso.so.1 (0x00007ffc517f7000)

    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)

    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)

    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)

    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)

    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)

    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


echo $LD_LIBRARY_PATH return an empty line



pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)

pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





share|improve this answer








New contributor




Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I face a similar problem:



       curl https://pypi.org -v
    
    * Rebuilt URL to: https://pypi.org/
    
    *   Trying 2a04:4e42:400::223...
    
    * TCP_NODELAY set
    
    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
    
    * ALPN, offering h2
    
    * ALPN, offering http/1.1
    
    * successfully set certificate verify locations:
    
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
    
      CApath: /etc/ssl/certs
    
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
    
    * stopped the pause stream!
    
    * Closing connection 0
    
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
    

    
OpenSSL 1.1.0g  2 Nov 2017
    

    
ldd /usr/bin/openssl
    
    linux-vdso.so.1 (0x00007ffc517f7000)
    
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
    
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
    
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
    
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
    
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
    
    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


    echo $LD_LIBRARY_PATH return an empty line



    pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
    
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





    share|improve this answer








    New contributor




    Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.

























      0














      I face a similar problem:



         curl https://pypi.org -v
      
    * Rebuilt URL to: https://pypi.org/
      
    *   Trying 2a04:4e42:400::223...
      
    * TCP_NODELAY set
      
    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
      
    * ALPN, offering h2
      
    * ALPN, offering http/1.1
      
    * successfully set certificate verify locations:
      
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
      
      CApath: /etc/ssl/certs
      
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
      
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
      
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
      
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
      
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
      
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
      
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
      
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
      
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
      
    * stopped the pause stream!
      
    * Closing connection 0
      
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
      

      
OpenSSL 1.1.0g  2 Nov 2017
      

      
ldd /usr/bin/openssl
      
    linux-vdso.so.1 (0x00007ffc517f7000)
      
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
      
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
      
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
      
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
      
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
      
    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


      echo $LD_LIBRARY_PATH return an empty line



      pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
      
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





      share|improve this answer








      New contributor




      Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.























        0












        0








        0







        I face a similar problem:



           curl https://pypi.org -v
        
    * Rebuilt URL to: https://pypi.org/
        
    *   Trying 2a04:4e42:400::223...
        
    * TCP_NODELAY set
        
    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
        
    * ALPN, offering h2
        
    * ALPN, offering http/1.1
        
    * successfully set certificate verify locations:
        
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
        
      CApath: /etc/ssl/certs
        
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
        
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
        
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
        
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
        
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
        
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
        
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
        
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
        
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
        
    * stopped the pause stream!
        
    * Closing connection 0
        
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
        

        
OpenSSL 1.1.0g  2 Nov 2017
        

        
ldd /usr/bin/openssl
        
    linux-vdso.so.1 (0x00007ffc517f7000)
        
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
        
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
        
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
        
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
        
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
        
    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


        echo $LD_LIBRARY_PATH return an empty line



        pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
        
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





        share|improve this answer








        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.










        I face a similar problem:



           curl https://pypi.org -v
        
    * Rebuilt URL to: https://pypi.org/
        
    *   Trying 2a04:4e42:400::223...
        
    * TCP_NODELAY set
        
    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
        
    * ALPN, offering h2
        
    * ALPN, offering http/1.1
        
    * successfully set certificate verify locations:
        
    *   CAfile: /etc/ssl/certs/ca-certificates.crt
        
      CApath: /etc/ssl/certs
        
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
        
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
        
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
        
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
        
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
        
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
        
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
        
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
        
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
        
    * stopped the pause stream!
        
    * Closing connection 0
        
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443 
        

        
OpenSSL 1.1.0g  2 Nov 2017
        

        
ldd /usr/bin/openssl
        
    linux-vdso.so.1 (0x00007ffc517f7000)
        
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
        
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
        
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
        
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
        
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
        
    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


        echo $LD_LIBRARY_PATH return an empty line



        pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
        
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)






        share|improve this answer








        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered 12 mins ago









        BetrootBetroot

        1




        1




        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            GameSpot

            Image
            body.skin-minerva .mw-parser-output table.infobox caption{text-align:center} GameSpot 戰地風雲:惡名昭彰2在Gamespot的評論 网站类型 新聞 持有者 CBS 创始人 Pete Deemer Vince Broady Jon Epstein 网站 http://www.gamespot.com/ 注册 Optional (free and paid) 推出时间 1996年5月1日 [1] GameSpot (中国大陆:游戏基地),於1996年5月由Pete Deemer和Vince Broady創立,是一個提供新聞、評論、預告片、下載及其他的相關資訊的電子遊戲網站。GameSpot被一間後來被CNET收購的企業ZDNet所收購。根據Alexa,GameSpot.com是200個網路擁擠最嚴重的網站之一。 除了由GameSpot員工創作的內容,網站還允許用戶寫評論、網誌、之後在網路論壇分享。一些在CNET旗下的GameFAQs分享。 2004年, GameSpot被Spike TV的觀眾選上「電子遊戲賞節目」贏得「最傑出遊戲網站。 [2] 其他的遊戲網站還有IGN、1UP.com、GameSpy是它最大的競爭對手。2008年,根據Compete.com的統計,「gamespot.com」吸引了最少6000萬人的點擊率。 [3] GameSpot的主頁鏈結了到最近新聞、評論、預告、和一些有關遊戲機的入口:Wii、任天堂DS、電腦遊戲、Xbox 360、PSP、PlayStation 2、PlayStation 3。它還有一列「最受歡迎遊戲名單」,還有給用戶快速獲得遊戲資訊的搜尋器。GameSpot 還包括一些小範圍的遊戲機:任天堂64、GameCube、Game Boy Color、Game Boy Advance、Xbox、PlayStation、SEGA Saturn、Dreamcast、Neo Geo Pocket Color、N-Gage、手機遊戲。 目录 1 歷史 1.1 國際歷史 1.2 著名的員工 2 評論和分
            Read more

            connect to host localhost port 22: Connection refused

            Image
            .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0; } 1 1 I created a Ubuntu Vagrant box and ssh'd into it. Now, created a ssh key and trying to ssh to my localhost but I get the following error. vagrant@vagrant-ubuntu-trusty-64:~$ ssh -vvvv localhost OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: connect to address 127.0.0.1 port 22: Connection refused ssh: connect to host localhost port 22: Connection refused When I check the list of ports opened as follows: vagrant@vagrant-ubuntu-trusty-64:~$ s
            Read more

            Getting a Wifi WPA2 wifi connection

            Image
            .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0; } 0 I've been trying to get a simple wifi connection ! bu I have to admit I just can't get it done ! here is what I've tried: root@MYONE:/etc# clear root@MYONE:/etc# vi wpa_supplicant.conf ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=0 update_config=1 network={ ssid="Mi Engine" psk="7407352688e4" } root@MYONE:/etc# iw wlan0 link Not connected. root@MYONE:/etc# ifconfig eth0 Link encap:Ethernet HWaddr 74:FE:48:3A:55:AB inet addr:192.168.178.88 Bcast:192.168.178.255 Mask:255.255.255.0 inet6 addr: fe80::76fe:48ff:fe3a:55ab%4804152/64 Scope:Link UP BRO
            Read more