Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 277243

Summary: openssl-0.9.8k-r1 - failure to connect to some HTTPS websites (TLSv1 issue I think)
Product: Gentoo Linux Reporter: Emopig <andrew>
Component: New packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED NEEDINFO    
Severity: major    
Priority: High    
Version: unspecified   
Hardware: AMD64   
OS: Linux   
URL: https://pointofsale.ancestry.com/
Whiteboard:
Package list:
Runtime testing required: ---

Description Emopig 2009-07-09 19:58:31 UTC 
I have had some problems over the last month or so connecting to various HTTPS  websites in Firefox - today I took the time to try and debug it and found the cause to be newer versions of OpenSSL.

Opera was working fine - I guess because it statically links statically against OpenSSL shipped by them? 

Anyway, after masking OpenSSL 0.9.8k* and going back to 'j', then re-emerging dev-libs/nss, the problem was resolved. 

Interestingly the test URL works with 0.9.8k if you resolve it to an IP address first and visit https://66.43.31.58/ (and add a Firefox certificate exception).

Reproducible: Always

Steps to Reproduce:
1. Make sure you are on openssl-0.9.8k-r1 and re-emerge dev-libs/nss (v3.12.3-r1  here)
2. Visit https://pointofsale.ancestry.com/ in Firefox

Actual Results:  
The page will never load and Firefox will display a 'connection was reset' error

Expected Results:  
The page should show a "Directory Listing Denied" page.
Comment 1 Emopig 2009-07-09 20:17:58 UTC 
I am unable to reproduce this now :-/
Comment 2 Emopig 2009-07-11 20:33:40 UTC 
That is, I can't reproduce the fix. This website still doesnt' work from gentoo but it is working for me from Windows XP - and still works when using the IP and certificate exception.