Package: libssl1.0.0 Severity: normal $ openssl s_client -connect get.docker.com:443 CONNECTED(00000003) 139902178879120:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 315 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated ---
I did the check above because my apt-cacher-ng recently started barking this error for no obvious reason. Search on internet is inconclusive... some people suggest to enforce TLSv1, other tell something about KeyUsage extension. I tried a code hack, change to SSL_CTX_new(TLSv1_1_client_method()) but that didn't help. Regards, Eduard. -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.2.0+ (SMP w/4 CPU cores; PREEMPT) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) -- Hart ist Hart. Weich ist Weich. Aber immer weich ist hart.