** Description changed: - I have my own server (where I'm running Apache/2.4.27), and today I - realized that from (Brave and Google Chrome - different computers) I'm - getting from my websites this error; + Adter so many tries to solve this issue we were unable to find a + solution. So from that point we assumed that it can be a possible bug. - This site can’t provide a secure connection + It was tested on Apache/2.4.27 - mywebsite.com sent an invalid response. - ERR_SSL_PROTOCOL_ERROR + lsb_release -rd - And the strange thing is that I'm getting this error every fifth click - on my website. + Description: Ubuntu 14.04.5 LTS + Release: 14.04 - From my conf file: + OpenSSL version 1.1.0f - SSLEngine on - SSLCertificateFile /etc/letsencrypt/live/mywebsite/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite/privkey.pem - Include /etc/letsencrypt/options-ssl-apache.conf - SSLCertificateChainFile /etc/letsencrypt/live/mywebsite/chain.pem - SSLCompression off - - from options-ssl-apache.conf; + Our options-ssl-apache.conf; SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCompression off - I have checked log file from website but nothing, also nothing here; - /var/log/apache2/error.log + We tried to manipulate and change CipherSuite but same error will appear + always. - I'm trying to figure out what is causing this error, any ideas where can - I find more info or even better, how to solve this problem? - - EDIT: If I try openssl s_client -connect mywebsite.com:443, it will return: I'm using: OpenSSL 1.1.0f CONNECTED(00000003) ... 3073276480:error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac:../ssl/record/ssl3_record.c:469: apt-cache policy openssl + openssl: - Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 - Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 - Version table: - *** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0 - 500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386 Packages - 100 /var/lib/dpkg/status - 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0 - 500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386 Packages - 1.0.1f-1ubuntu2.22 0 - 500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages - 500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386 Packages - 1.0.1f-1ubuntu2 0 - 500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages - - lsb_release -rd - - Description: Ubuntu 14.04.5 LTS - Release: 14.04 + Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 + Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 + Version table: + *** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0 + 500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386 Packages + 100 /var/lib/dpkg/status + 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0 + 500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386 Packages + 1.0.1f-1ubuntu2.22 0 + 500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages + 500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386 Packages + 1.0.1f-1ubuntu2 0 + 500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages - I have tried so many things but no solution yet, so I think this is a possible bug. - - Full debate about this issue is here: - https://serverfault.com/questions/859987/im-getting-error-ssl3-get- - recorddecryption-failed-or-bad-record-mac + Full debate about this issue is here (also some other users suspected a bug): https://serverfault.com/questions/859987/im-getting-error-ssl3-get-recorddecryption-failed-or-bad-record-mac
** Description changed: Adter so many tries to solve this issue we were unable to find a solution. So from that point we assumed that it can be a possible bug. It was tested on Apache/2.4.27 lsb_release -rd Description: Ubuntu 14.04.5 LTS Release: 14.04 OpenSSL version 1.1.0f Our options-ssl-apache.conf; SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCompression off We tried to manipulate and change CipherSuite but same error will appear always. - If I try openssl s_client -connect mywebsite.com:443, it will return: - - I'm using: OpenSSL 1.1.0f CONNECTED(00000003) ... 3073276480:error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac:../ssl/record/ssl3_record.c:469: + apt-cache policy openssl openssl: Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 Version table: *** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0 500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386 Packages 100 /var/lib/dpkg/status 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0 500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386 Packages 1.0.1f-1ubuntu2.22 0 500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages 500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386 Packages 1.0.1f-1ubuntu2 0 500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages - - Full debate about this issue is here (also some other users suspected a bug): https://serverfault.com/questions/859987/im-getting-error-ssl3-get-recorddecryption-failed-or-bad-record-mac + Full debate about this issue is here (also some other users suspected a + bug): https://serverfault.com/questions/859987/im-getting-error-ssl3 + -get-recorddecryption-failed-or-bad-record-mac ** Summary changed: - I'm getting error: SSL3_GET_RECORD:decryption failed or bad record mac + SSL3_GET_RECORD:decryption failed or bad record mac -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1704585 Title: SSL3_GET_RECORD:decryption failed or bad record mac Status in openssl package in Ubuntu: New Bug description: Adter so many tries to solve this issue we were unable to find a solution. So from that point we assumed that it can be a possible bug. It was tested on Apache/2.4.27 lsb_release -rd Description: Ubuntu 14.04.5 LTS Release: 14.04 OpenSSL version 1.1.0f Our options-ssl-apache.conf; SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH SSLHonorCipherOrder on SSLCompression off We tried to manipulate and change CipherSuite but same error will appear always. If I try openssl s_client -connect mywebsite.com:443, it will return: CONNECTED(00000003) ... 3073276480:error:1408F119:SSL routines:ssl3_get_record:decryption failed or bad record mac:../ssl/record/ssl3_record.c:469: apt-cache policy openssl openssl: Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 Version table: *** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0 500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386 Packages 100 /var/lib/dpkg/status 1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0 500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386 Packages 1.0.1f-1ubuntu2.22 0 500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386 Packages 500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386 Packages 1.0.1f-1ubuntu2 0 500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages Full debate about this issue is here (also some other users suspected a bug): https://serverfault.com/questions/859987/im-getting-error-ssl3 -get-recorddecryption-failed-or-bad-record-mac To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1704585/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
