Hi Yann, I just got a bug report for wget not being able to download the patchdiag.xref via https: https://www.opencsw.org/mantis/view.php?id=5068
I can reproduce the problem with openssl: > root@login :/root > openssl s_client -connect getupdates.oracle.com:443 > CONNECTED(00000006) > write:errno=131 > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 0 bytes and written 321 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > --- > zsh: 13656 exit 1 openssl s_client -connect getupdates.oracle.com:443 > root@login :/root > It should look like this: > root@login :/root > openssl s_client -connect www.google.com:443 > CONNECTED(00000006) > depth=1 C = US, O = Google Inc, CN = Google Internet Authority > verify error:num=20:unable to get local issuer certificate > verify return:0 > write:errno=0 > --- > Certificate chain > 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com > i:/C=US/O=Google Inc/CN=Google Internet Authority > 1 s:/C=US/O=Google Inc/CN=Google Internet Authority > i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority > --- > Server certificate > -----BEGIN CERTIFICATE----- > MIIDgDCCAumgAwIBAgIKQJSmXwABAACDizANBgkqhkiG9w0BAQUFADBGMQswCQYD > VQQGEwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzEiMCAGA1UEAxMZR29vZ2xlIElu > dGVybmV0IEF1dGhvcml0eTAeFw0xMzA0MTExMjUxNTJaFw0xMzEyMzExNTU4NTBa > MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N > b3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMRcwFQYDVQQDEw53d3cu > Z29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2mKYQJK+Uu1N > B60eCZjotPI4WcFEVlAg1/Wrkn6IgQtgdDdoDqLafkJpzdxpCiS9QfMVTMx0KnSE > q5yqbIsoIGXECo7LP8DqMIXyLhNQxImZGP0ECnBEoDU+846H/SwRqF84iy13ywZq > IgURrEKml5xkFQVeB5VcHz9A25TkxbMCAwEAAaOCAVEwggFNMB0GA1UdJQQWMBQG > CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU8/LLjLowUsTURK6fDNOyf3qd > YBswHwYDVR0jBBgwFoAUv8Aw6/VDET5nup6R+/xq2uNrEiQwWwYDVR0fBFQwUjBQ > oE6gTIZKaHR0cDovL3d3dy5nc3RhdGljLmNvbS9Hb29nbGVJbnRlcm5ldEF1dGhv > cml0eS9Hb29nbGVJbnRlcm5ldEF1dGhvcml0eS5jcmwwZgYIKwYBBQUHAQEEWjBY > MFYGCCsGAQUFBzAChkpodHRwOi8vd3d3LmdzdGF0aWMuY29tL0dvb2dsZUludGVy > bmV0QXV0aG9yaXR5L0dvb2dsZUludGVybmV0QXV0aG9yaXR5LmNydDAMBgNVHRMB > Af8EAjAAMBkGA1UdEQQSMBCCDnd3dy5nb29nbGUuY29tMA0GCSqGSIb3DQEBBQUA > A4GBAC2xiFaWgeME1eGE/pmKJYA1KUNb/YwGUaxZ/SOwzSiuA8ke/5NVMrJYHwKW > xAnGkmvQf2IUBaQRVb3PDwMehexQ5SDCc3c5sZcWtxzazLb25HOnFkgO6x3YIpL+ > +jzdQ4Hb/gWhluh660JQpYXO0n8D2aME0PyBQ4+PuBRg6Dog > -----END CERTIFICATE----- > subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com > issuer=/C=US/O=Google Inc/CN=Google Internet Authority > --- > No client certificate CA names sent > --- > SSL handshake has read 1900 bytes and written 81 bytes > --- > New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA > Server public key is 1024 bit > Secure Renegotiation IS supported > Compression: NONE > Expansion: NONE > SSL-Session: > Protocol : TLSv1.2 > Cipher : ECDHE-RSA-RC4-SHA > Session-ID: > Session-ID-ctx: > Master-Key: > 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 > Key-Arg : None > PSK identity: None > PSK identity hint: None > SRP username: None > Start Time: 1366380057 > Timeout : 300 (sec) > Verify return code: 20 (unable to get local issuer certificate) > --- > zsh: 13518 exit 1 openssl s_client -connect www.google.com:443 > root@login :/root > openssl s_client -connect getupdates.oracle.com:443 > CONNECTED(00000006) > write:errno=131 > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 0 bytes and written 321 bytes > --- > New, (NONE), Cipher is (NONE) > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > --- > zsh: 13656 exit 1 openssl s_client -connect getupdates.oracle.com:443 > root@login :/root > Other https-sites of course work also, just not Oracle :-( Any idea how to investigate this? Best regards -- Dago _______________________________________________ maintainers mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/maintainers .:: This mailing list's archive is public. ::.
