1

We are working on a red hat linux server, and we can apply openssl version and openssl will get you inside openssl shell-like Openssl>

But there is no directory /etc/ssl/ and we are getting the following failure when we try to connect:

[<username>@<pc name> etc]$ openssl s_client -port 31114 -host <ipaddress> -ssl3 -quiet -crlf
904:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

It is not working, nothing is working in openssl on the server? what shall we do?

we are sure that openssl is installed:

[root@<pc name> ~]# yum list |grep openssl
This system is not registered with RHN.
RHN support will be disabled.
openssl.i686                             0.9.8e-12.el5          installed
openssl.x86_64                           0.9.8e-12.el5          installed
openssl-devel.i386                       0.9.8e-12.el5          installed
openssl-devel.x86_64                     0.9.8e-12.el5          installed
openssl097a.i386                         0.9.7a-9.el5_2.1       installed
openssl097a.x86_64                       0.9.7a-9.el5_2.1       installed

Thank you in advance.

Improve this question
3
  • Have you tried the -servername option? Does tls work via the switch -tls1? Have you tried just creating the /etc/ssl directory yourself? Commented Aug 3, 2016 at 13:31
  • @tale852150 I can create the directory ssl, but I think it is not the good way (it should be automatically created maybe), where is this -servername option ? how can I check the -tls1 thing?thank you Commented Aug 3, 2016 at 13:39
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See What topics can I ask about here in the Help Center. Perhaps Super User or Unix & Linux Stack Exchange would be a better place to ask. Also see Where do I post questions about Dev Ops?. Commented Aug 3, 2016 at 14:28

2 Answers 2

Reset to default
1 
[<username>@<pc name> etc]$ openssl s_client -port 31114 -host <ipaddress> -ssl3 -quiet -crlf
904:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530:

It is likely that your unknown server does not allow SSL 3.0 at all since this old protocol version is considered insecure for a long time. And if the protocol is denied by the server the handshake will fail as in this case. This is unrelated to the existence of the /etc/ssl directory.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

yum whatprovides /etc/ssl/ shows which package provides this dir.

In EL6 it is ca-certificates-2015. Install that package.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.