Strange Cloudflare Cert on

ihsan at ihsan at
Sun Apr 23 16:55:20 CEST 2017

Hi Dago,

> I noticed that our package propagation is broken because the buglist could not be retreived
> by the go program from
> The cert from Cloudflare can not be viewed by our current openssl, maybe the ciphers are
> too new?
> web at web [web]:/home/web/bin/gar/go > openssl s_client -connect -showcerts
> CONNECTED(00000004)
> 18446744071545616348:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:757:

You have to use SNI. All browsers are doing that by default, but with OpenSSL you have to specify it first: 
$ openssl s_client -servername -connect -showcerts


ihsan at 

More information about the buildfarm mailing list