SSL/TLS error with links and lynx - possibly due to CloudFlare
First lynx:
According to the report by SSLLabs the server supports only ECDHE ciphers. Based on a packet capture when using lynx in 14.04 it offers no ECDHE ciphers. This means no cipher overlap and thus the handshake fails.
And links:
According to the SSLLabs report the site needs a client with support for SNI. links got SNI support with version 2.10 but you are using 2.8 only. Therefore the handshake will fail.
Related videos on Youtube
Baard Kopperud
Updated on September 18, 2022Comments
-
Baard Kopperud over 1 year
I often work in the terminal - for example on a VPS I've set up - including for browsing with
links
andlynx
. Unfortunately I've been getting some errors:links:
Error loading https://www.thepiratebay.se/: SSL error
lynx:
Looking up www.thepiratebay.se first Looking up www.thepiratebay.se Making HTTP connection to www.thepiratebay.se Sending HTTP request. HTTP request sent; waiting for response. HTTP/1.1 301 Moved Permanently 'A'lways allowing from domain '.thepiratebay.se'. Data transfer complete HTTP/1.1 301 Moved Permanently Using https://www.thepiratebay.se/ Looking up www.thepiratebay.se Making HTTPS connection to www.thepiratebay.se Retrying connection without TLS. Looking up www.thepiratebay.se Making HTTPS connection to www.thepiratebay.se Alert!: Unable to make secure connection to remote host. lynx: Can't access startfile http://www.thepiratebay.se/
Disclaimer: ThePirateBay is of course just an example - taken completely out of the air... and besides, if I actually used the site, it would only be to read all the in-depth articles...
I've come across the same problem for some other sites too, and I suspect it may have something to do with them using CloudFlare (I'm not sure though)...
firefox
andchrome
have no SSL/TLS problems with the same sites.I'm running an current updated Ubuntu
14.04.4 x64
on DigitalOcean.Edit: Versions:
Lynx:
Lynx Version 2.8.8pre.4 (04 Feb 2014) libwww-FM 2.14, SSL-MM 1.4.1, GNUTLS 2.12.23, ncurses 5.9.20140118(wide) Built on linux-gnu Feb 5 2014 17:12:49
Links:
Links 2.8
-
Steffen Ullrich almost 8 yearsI would suggest that this is related to SNI. But given the version of Ubuntu you should run Lynx 2.8.8pre4 which has SNI support. Please check the version of lynx you are using, maybe it is an older one.
-
Baard Kopperud almost 8 years@SteffenUllrich Updated question with version-numbers at the end.
-
Steffen Ullrich almost 8 yearslynx should have SNI available, links got SNI support only with version 2.10 and you have 2.8.
-