After Ubuntu update to 18.4 SSL Error: bad extension
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.
Example 1:
openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
Example 2:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0
curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension
My openssl version:
OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
I tried to reinstall openssl
and update the ca-certificates
.
What else could i try?
I hope you can help me.
18.04 ssl openssl tls
add a comment |
After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.
Example 1:
openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
Example 2:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0
curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension
My openssl version:
OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
I tried to reinstall openssl
and update the ca-certificates
.
What else could i try?
I hope you can help me.
18.04 ssl openssl tls
1
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What doeswhich openssl
report, andopenssl version
?
– Matt Caswell
Aug 2 '18 at 8:14
It is just one. Okay is this correct?openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
Youropenssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output fromwhich openssl
, but I'm assuming it is/usr/bin/openssl
. What is the output fromldd /usr/bin/openssl
? Please also show whatecho $LD_LIBRARY_PATH
gives you.
– Matt Caswell
Aug 2 '18 at 20:45
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32
add a comment |
After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.
Example 1:
openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
Example 2:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0
curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension
My openssl version:
OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
I tried to reinstall openssl
and update the ca-certificates
.
What else could i try?
I hope you can help me.
18.04 ssl openssl tls
After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.
Example 1:
openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
Example 2:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0
curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension
My openssl version:
OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"
I tried to reinstall openssl
and update the ca-certificates
.
What else could i try?
I hope you can help me.
18.04 ssl openssl tls
18.04 ssl openssl tls
edited Aug 2 '18 at 15:44
TopGun
asked Aug 1 '18 at 17:21
TopGunTopGun
11
11
1
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What doeswhich openssl
report, andopenssl version
?
– Matt Caswell
Aug 2 '18 at 8:14
It is just one. Okay is this correct?openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
Youropenssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output fromwhich openssl
, but I'm assuming it is/usr/bin/openssl
. What is the output fromldd /usr/bin/openssl
? Please also show whatecho $LD_LIBRARY_PATH
gives you.
– Matt Caswell
Aug 2 '18 at 20:45
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32
add a comment |
1
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What doeswhich openssl
report, andopenssl version
?
– Matt Caswell
Aug 2 '18 at 8:14
It is just one. Okay is this correct?openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
Youropenssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output fromwhich openssl
, but I'm assuming it is/usr/bin/openssl
. What is the output fromldd /usr/bin/openssl
? Please also show whatecho $LD_LIBRARY_PATH
gives you.
– Matt Caswell
Aug 2 '18 at 20:45
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32
1
1
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does
which openssl
report, and openssl version
?– Matt Caswell
Aug 2 '18 at 8:14
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does
which openssl
report, and openssl version
?– Matt Caswell
Aug 2 '18 at 8:14
It is just one. Okay is this correct?
openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
It is just one. Okay is this correct?
openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
Your
openssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl
, but I'm assuming it is /usr/bin/openssl
. What is the output from ldd /usr/bin/openssl
? Please also show what echo $LD_LIBRARY_PATH
gives you.– Matt Caswell
Aug 2 '18 at 20:45
Your
openssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl
, but I'm assuming it is /usr/bin/openssl
. What is the output from ldd /usr/bin/openssl
? Please also show what echo $LD_LIBRARY_PATH
gives you.– Matt Caswell
Aug 2 '18 at 20:45
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32
add a comment |
1 Answer
1
active
oldest
votes
I face a similar problem:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
OpenSSL 1.1.0g 2 Nov 2017
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)
echo $LD_LIBRARY_PATH return an empty line
pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)
New contributor
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I face a similar problem:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
OpenSSL 1.1.0g 2 Nov 2017
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)
echo $LD_LIBRARY_PATH return an empty line
pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)
New contributor
add a comment |
I face a similar problem:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
OpenSSL 1.1.0g 2 Nov 2017
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)
echo $LD_LIBRARY_PATH return an empty line
pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)
New contributor
add a comment |
I face a similar problem:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
OpenSSL 1.1.0g 2 Nov 2017
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)
echo $LD_LIBRARY_PATH return an empty line
pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)
New contributor
I face a similar problem:
curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
OpenSSL 1.1.0g 2 Nov 2017
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)
echo $LD_LIBRARY_PATH return an empty line
pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)
New contributor
New contributor
answered 12 mins ago
BetrootBetroot
1
1
New contributor
New contributor
add a comment |
add a comment |
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does
which openssl
report, andopenssl version
?– Matt Caswell
Aug 2 '18 at 8:14
It is just one. Okay is this correct?
openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)
– TopGun
Aug 2 '18 at 15:20
Your
openssl version
output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output fromwhich openssl
, but I'm assuming it is/usr/bin/openssl
. What is the output fromldd /usr/bin/openssl
? Please also show whatecho $LD_LIBRARY_PATH
gives you.– Matt Caswell
Aug 2 '18 at 20:45
Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)
– TopGun
Aug 4 '18 at 9:32