Issues establising SSL connection after a wget command

Matt Caswell matt at
Tue Jun 18 09:48:14 UTC 2019

On 17/06/2019 21:29, Eric Ntonfo wrote:
> Hello,
> I am running an Ubuntu 12.04 TLS server and can't use wget to download software
> packages
> The command
> wget
> fails with the following error
> --2019-06-17 22:10:11--
> Resolving ( 2a04:4e42:9::561,
> Connecting to (|2a04:4e42:9::561|:80... connected.
> HTTP request sent, awaiting response... 301 Moved Permanently
> Location: [following]
> --2019-06-17 22:10:11--
> Connecting to (|2a04:4e42:9::561|:443... connected.
> *OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert
> protocol version*
> Unable to establish SSL connection.

You get this error when the client is offering a version of TLS that is too low
for the server. I just did some tests and it appears that this server will
refuse to connect with anything less than TLSv1.2.

That should be fine with both OpenSSL 1.0.1 and OpenSSL 1.0.2. Both of those
support TLSv1.2 and will offer it by default. However an application can
override the defaults. My suspicion is that your version of wget is old and, for
some reason, is overriding the default TLS version and requiring some earlier

Upgrading wget might work.


> I am unable to fix this issue. I have upgraded from openssl 1.0.1 on my Ubuntu
> box to openssl 1.0.2 having heard that this latest version fix the bug
> But still having it.
> Can someone help please?
> Regards
> Eric

More information about the openssl-users mailing list