Strange Cloudflare Cert on

Dagobert Michelsen dam at
Wed Apr 19 10:16:24 CEST 2017

Hi Ihsan,

I noticed that our package propagation is broken because the buglist could not be retreived
by the go program from

The cert from Cloudflare can not be viewed by our current openssl, maybe the ciphers are
too new?

web at web [web]:/home/web/bin/gar/go > openssl s_client -connect -showcerts
18446744071545616348:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:757:
no peer certificate available
No client certificate CA names sent
SSL handshake has read 7 bytes and written 297 bytes
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
zsh: 22020 exit 1     openssl s_client -connect -showcerts
web at web [web]:/home/web/bin/gar/go > which openssl

web at web [web]:/home/web/bin/gar/go > openssl s_client -connect -showcerts
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN =
verify return:1
Certificate chain
 0 s:/
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3

Let’s Encrypt works as you can see from the connection to,
would it be a hassle to roll that back?

Best regards

  — Dago

"You don't become great by trying to be great, you become great by wanting to do something,
and then doing it so hard that you become great in the process." - xkcd #896

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP
URL: <>

More information about the buildfarm mailing list