On Wed, Sep 19, 2012, Jochen Hayek wrote: > > Until "recently" this worked for me > (and it still does on a different platform with *older* versions of > "everything"), > but now it breaks: > > $ curl --verbose --insecure 'https://banking.postbank.de/rai/login' > * About to connect() to banking.postbank.de port 443 (#0) > * Trying 62.153.105.15... > * connected > * Connected to banking.postbank.de (62.153.105.15) port 443 (#0) > * successfully set certificate verify locations: > * CAfile: none > CApath: /etc/ssl/certs/ > * SSLv3, TLS handshake, Client hello (1): > * Unknown SSL protocol error in connection to banking.postbank.de:443 > * Closing connection #0 > curl: (35) Unknown SSL protocol error in connection to > banking.postbank.de:443 >
This is a problem with the server. OpenSSL 1.0.1 is the first release to support TLS version 1.2 and some servers "hang" when connecting. The option -no_tls1_2 or -tls1 should allow you to connect again. This is discussed in PR#2771: http://rt.openssl.org/Ticket/Display.html?id=2771&user=guest&pass=guest Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
