search

openssl / web

www.openssl.org
51 stars 77 forks source link

https://www.openssl.org currently unavailable #468

Closed alex closed 5 months ago

alex commented 5 months ago 
~ ❯❯❯ curl -vvv -I https://www.openssl.org
*   Trying [2600:1901:0:1812::]:443...
* Connected to www.openssl.org (2600:1901:0:1812::) port 443
* ALPN: curl offers h2,http/1.1
* (304) (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* LibreSSL/3.3.6: error:1404B410:SSL routines:ST_CONNECT:sslv3 alert handshake failure
* Closing connection
curl: (35) LibreSSL/3.3.6: error:1404B410:SSL routines:ST_CONNECT:sslv3 alert handshake failure
~ ❯❯❯ openssl s_client -debug -connect www.openssl.org:443
Connecting to 2600:1901:0:1812::
CONNECTED(00000005)
write to 0x600002d96980 [0x139817200] (323 bytes => 323 (0x143))
0000 - 16 03 01 01 3e 01 00 01-3a 03 03 05 df 2d 0a 52   ....>...:....-.R
0010 - 7e 12 27 51 0c 71 9e 5d-6e 92 b1 ac 55 31 cc a5   ~.'Q.q.]n...U1..
0020 - 0f f6 ef 74 8d 84 3e 50-bb 1c 39 20 5b c0 8d ba   ...t..>P..9 [...
0030 - 62 4b 2c df a3 95 23 fc-06 f9 65 72 54 a5 b0 70   bK,...#...erT..p
0040 - de 6a 20 46 25 58 83 3e-0e a9 c3 5d 00 3e 13 02   .j F%X.>...].>..
0050 - 13 03 13 01 c0 2c c0 30-00 9f cc a9 cc a8 cc aa   .....,.0........
0060 - c0 2b c0 2f 00 9e c0 24-c0 28 00 6b c0 23 c0 27   .+./...$.(.k.#.'
0070 - 00 67 c0 0a c0 14 00 39-c0 09 c0 13 00 33 00 9d   .g.....9.....3..
0080 - 00 9c 00 3d 00 3c 00 35-00 2f 00 ff 01 00 00 b3   ...=.<.5./......
0090 - 00 00 00 14 00 12 00 00-0f 77 77 77 2e 6f 70 65   .........www.ope
00a0 - 6e 73 73 6c 2e 6f 72 67-00 0b 00 04 03 00 01 02   nssl.org........
00b0 - 00 0a 00 16 00 14 00 1d-00 17 00 1e 00 19 00 18   ................
00c0 - 01 00 01 01 01 02 01 03-01 04 00 23 00 00 00 16   ...........#....
00d0 - 00 00 00 17 00 00 00 0d-00 30 00 2e 04 03 05 03   .........0......
00e0 - 06 03 08 07 08 08 08 1a-08 1b 08 1c 08 09 08 0a   ................
00f0 - 08 0b 08 04 08 05 08 06-04 01 05 01 06 01 03 03   ................
0100 - 03 01 03 02 04 02 05 02-06 02 00 2b 00 05 04 03   ...........+....
0110 - 04 03 03 00 2d 00 02 01-01 00 33 00 26 00 24 00   ....-.....3.&.$.
0120 - 1d 00 20 c9 55 9f 25 fb-2f 22 3a 6b cf 98 ac 4d   .. .U.%./":k...M
0130 - ea e0 e2 fc eb 49 9e 90-4a a8 24 4a 95 b9 08 1e   .....I..J.$J....
0140 - fe 27 75                                          .'u
read from 0x600002d96980 [0x13981c403] (5 bytes => 5 (0x5))
0000 - 15 03 01 00 02                                    .....
read from 0x600002d96980 [0x13981c408] (2 bytes => 2 (0x2))
0000 - 02 28                                             .(
409C80E101000000:error:0A000410:SSL routines:ssl3_read_bytes:ssl/tls alert handshake failure:ssl/record/rec_layer_s3.c:865:SSL alert number 40
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 323 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
This TLS version forbids renegotiation.
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
read from 0x600002d96980 [0x13900e000] (8192 bytes => 0)
vavroch2010 commented 5 months ago

This issue was caused by changes on our CDN provider (deployment of new certificate) and unfortunately this is side effect of activity. Everything should be back to normal now. @alex - thanks for reporting