"openssl(1.0.2k) s_client -connect data.reversinglabs.com:443 -tls1_2" gives error: SSL3_GET_RECORD"wrong version number:s3_pkt.c:365

Geek Geek bcjunk123 at gmail.com
Tue May 17 19:55:42 UTC 2022

I run into the following issue when I use openssl 1.0.2k  (amazon linux2)
to check the connection.

[ec2-user at ip-172-31-29-28 ~]$ openssl s_client -connect
data.reversinglabs.com:443 -tls1_2
139994515941280:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
no peer certificate available
No client certificate CA names sent
SSL handshake has read 5 bytes and written 0 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
    Protocol  : TLSv1.2
    Cipher    : 0000
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1652817101
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)

[ec2-user at ip-172-31-29-28 ~]$ openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017

If I use brew install the latest openssl  (3.0.*), then the same command
works.   As our production is still using openssl 1.0.2k, my question is
what causes this error and whether this is really an issue.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20220517/b3e0414f/attachment.htm>

More information about the openssl-users mailing list