Public bug reported:
I have my own server (where I'm running Apache/2.4.27), and today I
realized that from (Brave and Google Chrome - different computers) I'm
getting from my websites this error;
This site can’t provide a secure connection
mywebsite.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
And the strange thing is that I'm getting this error every fifth click
on my website.
>From my conf file:
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mywebsite/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/mywebsite/chain.pem
SSLCompression off
from options-ssl-apache.conf;
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLCompression off
I have checked log file from website but nothing, also nothing here;
/var/log/apache2/error.log
I'm trying to figure out what is causing this error, any ideas where can
I find more info or even better, how to solve this problem?
EDIT:
If I try openssl s_client -connect mywebsite.com:443, it will return:
I'm using: OpenSSL 1.1.0f
CONNECTED(00000003)
...
3073276480:error:1408F119:SSL routines:ssl3_get_record:decryption failed
or bad record mac:../ssl/record/ssl3_record.c:469:
apt-cache policy openssl
openssl:
Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4
Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4
Version table:
*** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0
500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386
Packages
100 /var/lib/dpkg/status
1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0
500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386
Packages
1.0.1f-1ubuntu2.22 0
500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386
Packages
500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386
Packages
1.0.1f-1ubuntu2 0
500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages
lsb_release -rd
Description: Ubuntu 14.04.5 LTS
Release: 14.04
I have tried so many things but no solution yet, so I think this is a possible
bug.
Full debate about this issue is here:
https://serverfault.com/questions/859987/im-getting-error-ssl3-get-
recorddecryption-failed-or-bad-record-mac
** Affects: openssl (Ubuntu)
Importance: Undecided
Status: New
** Tags: openssl
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1704585
Title:
I'm getting error: SSL3_GET_RECORD:decryption failed or bad record
mac
Status in openssl package in Ubuntu:
New
Bug description:
I have my own server (where I'm running Apache/2.4.27), and today I
realized that from (Brave and Google Chrome - different computers) I'm
getting from my websites this error;
This site can’t provide a secure connection
mywebsite.com sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
And the strange thing is that I'm getting this error every fifth click
on my website.
From my conf file:
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/mywebsite/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mywebsite/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/mywebsite/chain.pem
SSLCompression off
from options-ssl-apache.conf;
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLCompression off
I have checked log file from website but nothing, also nothing here;
/var/log/apache2/error.log
I'm trying to figure out what is causing this error, any ideas where
can I find more info or even better, how to solve this problem?
EDIT:
If I try openssl s_client -connect mywebsite.com:443, it will return:
I'm using: OpenSSL 1.1.0f
CONNECTED(00000003)
...
3073276480:error:1408F119:SSL routines:ssl3_get_record:decryption
failed or bad record mac:../ssl/record/ssl3_record.c:469:
apt-cache policy openssl
openssl:
Installed: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4
Candidate: 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4
Version table:
*** 1.1.0f-2~ubuntu14.04.1+deb.sury.org+4 0
500 http://ppa.launchpad.net/ondrej/apache2/ubuntu/ trusty/main i386
Packages
100 /var/lib/dpkg/status
1.1.0f-2~ubuntu14.04.1+deb.sury.org+1 0
500 http://ppa.launchpad.net/ondrej/php/ubuntu/ trusty/main i386
Packages
1.0.1f-1ubuntu2.22 0
500 http://si.archive.ubuntu.com/ubuntu/ trusty-updates/main i386
Packages
500 http://security.ubuntu.com/ubuntu/ trusty-security/main i386
Packages
1.0.1f-1ubuntu2 0
500 http://si.archive.ubuntu.com/ubuntu/ trusty/main i386 Packages
lsb_release -rd
Description: Ubuntu 14.04.5 LTS
Release: 14.04
I have tried so many things but no solution yet, so I think this is a
possible bug.
Full debate about this issue is here:
https://serverfault.com/questions/859987/im-getting-error-ssl3-get-
recorddecryption-failed-or-bad-record-mac
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1704585/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
