3
I have a problem with my Ubuntu (Ubuntu 16.04.5 LTS) server. It is very strange. When I try to use any tool for fetching a specific URL over ssl it fails. Examples:
CURL
curl -v https://www.netonnet.se/
* Trying 91.198.164.24...
* Connected to www.netonnet.se (91.198.164.24) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 596 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: Error in the pull function.
* Closing connection 0
curl: (35) gnutls_handshake() failed: Error in the pull function.
WGET
wget -v https://www.netonnet.se/
--2018-12-29 12:00:42-- https://www.netonnet.se/
Resolving www.netonnet.se (www.netonnet.se)... 91.198.164.24
Connecting to www.netonnet.se (www.netonnet.se)|91.198.164.24|:443... connected.
Unable to establish SSL connection
Any other way I try to access this website also fails so it must be something deeper, these requests are successful on all other servers I tried it on. It affects all users on this sever. I don't use any proxys on this server. How do I debug this?
EDIT
This is what I get when I try openssl. There seems to be something wrong with fetching the certificate from the host.
# openssl s_client -servername www.netonnet.se -connect www.netonnet.se:443
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 317 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.3
Cipher : 0000
Session-ID:
Session-ID-ctx:
Resumption PSK:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1546109807
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
Max Early Data: 0
---