Thank you for your reply. First, i'm running on Ubuntu 12.04, and
installed locally build git-, curl-7.33.0, openssl-1.0.1e.
git1.7 is fetched from apt-get, and git-1.8 is locally build. Form
LD_DEBUG log, git-1.7 using library which is
ubuntu's default installed, and git-1.8 using locally build libcurl
(installed in /usr/local).

Here's my response from openssl to, hope this is
good enough.
New, TLSv1/SSLv3, Cipher is RC4-MD5
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1
    Cipher    : RC4-MD5
    Session-ID: XXX
    Master-Key: XXXXXX
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1385699504
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)

About verify return code, it seems doens't matter only for connecting.
(because I tried another machine which's working well, and it returns
same code.)

If I try -no_tls1, theerror has printed as below.
error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported


Sorry for long mail, but the openssl command above is
/usr/bin/openssl, which is distributed with Ubuntu 12.04. I tried with
locally build openssl command which is from openssl-1.0.1e package,
then the output differs. Only when I use -no_tls1, the connection
establised, otherwise it stucks.

Does this mean, the server side using old ssl/tls library? (Which
doens't support tlsv1)

best regards,

On Fri, Nov 29, 2013 at 12:18 AM, Konstantin Khomoutov
<> wrote:
> On Wed, 27 Nov 2013 21:57:56 -0800 (PST)
> Shinpei Nakata <> wrote:
>> Recently i've changed my git from to
> [...]
> And next time please also tell us:
> * Which OS (and its version this is).
> * Did "changing" Git from one version to another involved upgrading
>   other software or not.

Shinpei Nakata

You received this message because you are subscribed to the Google Groups "Git 
for human beings" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
For more options, visit

Reply via email to