After Ubuntu update to 18.4 SSL Error: bad extension





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







0















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Example 2:



curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.










share|improve this question




















  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32


















0















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Example 2:



curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.










share|improve this question




















  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32














0












0








0








After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Example 2:



curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.










share|improve this question
















After a update to 18.4 i cannot use ssl anymore. I can still load the page with firefox.



Example 1:



openssl s_client -connect www.python.org:443 -tls1_2
CONNECTED(00000003)
140370126008768:error:141B306E:SSL routines:tls_collect_extensions:bad extension:ssl/statem/extensions.c:391:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 70 bytes and written 183 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1533142828
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---


Example 2:



curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:600::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:600::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (OUT), TLS alert, Server hello (2):
* error:141B306E:SSL routines:tls_collect_extensions:bad extension
* stopped the pause stream!
* Closing connection 0


curl: (35) error:141B306E:SSL routines:tls_collect_extensions:bad extension



My openssl version:



 OpenSSL 1.1.0g  2 Nov 2017 (Library: OpenSSL 1.1.1-dev  xx XXX xxxx)
built on: reproducible build, date unspecified
platform: linux-x86_64
compiler: gcc -DDSO_DLFCN -DHAVE_DLFCN_H -DNDEBUG -DOPENSSL_THREADS -DOPENSSL_NO_STATIC_ENGINE -DOPENSSL_PIC -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DRC4_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DPADLOCK_ASM -DPOLY1305_ASM -DOPENSSLDIR=""/usr/local/ssl"" -DENGINESDIR=""/usr/local/lib/engines-1.1"" -Wa,--noexecstack
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/lib/engines-1.1"


I tried to reinstall openssl and update the ca-certificates.
What else could i try?



I hope you can help me.







18.04 ssl openssl tls






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Aug 2 '18 at 15:44







TopGun

















asked Aug 1 '18 at 17:21









TopGunTopGun

11




11








  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32














  • 1





    The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

    – Matt Caswell
    Aug 2 '18 at 8:14











  • It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

    – TopGun
    Aug 2 '18 at 15:20













  • Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

    – Matt Caswell
    Aug 2 '18 at 20:45













  • Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

    – TopGun
    Aug 4 '18 at 9:32








1




1





The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

– Matt Caswell
Aug 2 '18 at 8:14





The filename given for the error is suspicious "ssl/statem/extensions.c". AFAIK Ubuntu 18.04 is based on OpenSSL 1.1.0g (that's what I've got on my 18.04 installation), but the file above is very new. It has been introduced in the new 1.1.1 version of OpenSSL which is still in beta testing. Do you have more than one version of OpenSSL on your machine? What does which openssl report, and openssl version?

– Matt Caswell
Aug 2 '18 at 8:14













It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

– TopGun
Aug 2 '18 at 15:20







It is just one. Okay is this correct? openssl version: OpenSSL 1.1.0g 2 Nov 2017 (Library: OpenSSL 1.1.1-dev xx XXX xxxx)

– TopGun
Aug 2 '18 at 15:20















Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

– Matt Caswell
Aug 2 '18 at 20:45







Your openssl version output is not normal. It reveals that the openssl command line application version is 1.1.0g (as per the standard version in Ubuntu), but the openssl library version is 1.1.1-dev, i.e. a development version of the new 1.1.1 release that is still in beta testing. You didn't tell me the output from which openssl, but I'm assuming it is /usr/bin/openssl. What is the output from ldd /usr/bin/openssl? Please also show what echo $LD_LIBRARY_PATH gives you.

– Matt Caswell
Aug 2 '18 at 20:45















Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

– TopGun
Aug 4 '18 at 9:32





Thanks for your help. I needed to work so i decided to reinstall the os, because this was the fastest way for me fixing it. Now everything works fine:)

– TopGun
Aug 4 '18 at 9:32










1 Answer
1






active

oldest

votes


















0














I face a similar problem:



   curl https://pypi.org -v
* Rebuilt URL to: https://pypi.org/
* Trying 2a04:4e42:400::223...
* TCP_NODELAY set
* Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
* stopped the pause stream!
* Closing connection 0
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443

OpenSSL 1.1.0g 2 Nov 2017

ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffc517f7000)
libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
/lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


echo $LD_LIBRARY_PATH return an empty line



pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





share|improve this answer








New contributor




Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "89"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    I face a similar problem:



       curl https://pypi.org -v
    * Rebuilt URL to: https://pypi.org/
    * Trying 2a04:4e42:400::223...
    * TCP_NODELAY set
    * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * successfully set certificate verify locations:
    * CAfile: /etc/ssl/certs/ca-certificates.crt
    CApath: /etc/ssl/certs
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
    * stopped the pause stream!
    * Closing connection 0
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443

    OpenSSL 1.1.0g 2 Nov 2017

    ldd /usr/bin/openssl
    linux-vdso.so.1 (0x00007ffc517f7000)
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
    libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
    libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
    /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


    echo $LD_LIBRARY_PATH return an empty line



    pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
    pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





    share|improve this answer








    New contributor




    Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.

























      0














      I face a similar problem:



         curl https://pypi.org -v
      * Rebuilt URL to: https://pypi.org/
      * Trying 2a04:4e42:400::223...
      * TCP_NODELAY set
      * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
      * ALPN, offering h2
      * ALPN, offering http/1.1
      * successfully set certificate verify locations:
      * CAfile: /etc/ssl/certs/ca-certificates.crt
      CApath: /etc/ssl/certs
      * TLSv1.2 (OUT), TLS handshake, Client hello (1):
      * TLSv1.2 (IN), TLS handshake, Server hello (2):
      * TLSv1.2 (IN), TLS handshake, Certificate (11):
      * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
      * TLSv1.2 (IN), TLS handshake, Server finished (14):
      * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
      * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
      * TLSv1.2 (OUT), TLS handshake, Finished (20):
      * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
      * stopped the pause stream!
      * Closing connection 0
      curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443

      OpenSSL 1.1.0g 2 Nov 2017

      ldd /usr/bin/openssl
      linux-vdso.so.1 (0x00007ffc517f7000)
      libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
      libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
      libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
      libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
      libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
      /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


      echo $LD_LIBRARY_PATH return an empty line



      pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
      pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





      share|improve this answer








      New contributor




      Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.























        0












        0








        0







        I face a similar problem:



           curl https://pypi.org -v
        * Rebuilt URL to: https://pypi.org/
        * Trying 2a04:4e42:400::223...
        * TCP_NODELAY set
        * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
        * ALPN, offering h2
        * ALPN, offering http/1.1
        * successfully set certificate verify locations:
        * CAfile: /etc/ssl/certs/ca-certificates.crt
        CApath: /etc/ssl/certs
        * TLSv1.2 (OUT), TLS handshake, Client hello (1):
        * TLSv1.2 (IN), TLS handshake, Server hello (2):
        * TLSv1.2 (IN), TLS handshake, Certificate (11):
        * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
        * TLSv1.2 (IN), TLS handshake, Server finished (14):
        * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
        * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
        * TLSv1.2 (OUT), TLS handshake, Finished (20):
        * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
        * stopped the pause stream!
        * Closing connection 0
        curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443

        OpenSSL 1.1.0g 2 Nov 2017

        ldd /usr/bin/openssl
        linux-vdso.so.1 (0x00007ffc517f7000)
        libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
        libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


        echo $LD_LIBRARY_PATH return an empty line



        pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
        pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)





        share|improve this answer








        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.










        I face a similar problem:



           curl https://pypi.org -v
        * Rebuilt URL to: https://pypi.org/
        * Trying 2a04:4e42:400::223...
        * TCP_NODELAY set
        * Connected to pypi.org (2a04:4e42:400::223) port 443 (#0)
        * ALPN, offering h2
        * ALPN, offering http/1.1
        * successfully set certificate verify locations:
        * CAfile: /etc/ssl/certs/ca-certificates.crt
        CApath: /etc/ssl/certs
        * TLSv1.2 (OUT), TLS handshake, Client hello (1):
        * TLSv1.2 (IN), TLS handshake, Server hello (2):
        * TLSv1.2 (IN), TLS handshake, Certificate (11):
        * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
        * TLSv1.2 (IN), TLS handshake, Server finished (14):
        * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
        * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
        * TLSv1.2 (OUT), TLS handshake, Finished (20):
        * OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443
        * stopped the pause stream!
        * Closing connection 0
        curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to pypi.org:443

        OpenSSL 1.1.0g 2 Nov 2017

        ldd /usr/bin/openssl
        linux-vdso.so.1 (0x00007ffc517f7000)
        libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f9d2ba51000)
        libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f9d2b5d9000)
        libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f9d2b3ba000)
        libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f9d2afc9000)
        libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f9d2adc5000)
        /lib64/ld-linux-x86-64.so.2 (0x00007f9d2bf5c000)


        echo $LD_LIBRARY_PATH return an empty line



        pip 19.1 from /usr/local/lib/python2.7/dist-packages/pip (python 2.7)
        pip 19.1 from /usr/local/lib/python3.6/dist-packages/pip (python 3.6)






        share|improve this answer








        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        share|improve this answer



        share|improve this answer






        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered 12 mins ago









        BetrootBetroot

        1




        1




        New contributor




        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        Betroot is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Ask Ubuntu!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1061514%2fafter-ubuntu-update-to-18-4-ssl-error-bad-extension%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            GameSpot

            日野市

            Tu-95轟炸機