<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title></title><style type="text/css">.felamimail-body-blockquote {margin: 5px 10px 0 3px;padding-left: 10px;border-left: 2px solid #000088;} </style></head><body><div>​Dear experts,</div><div><br></div><div>after I updated the libssl1.1 package from the official Ubuntu 18.04 repository, iPXE is unable to connect to the Apache webserver over SSL.</div><div><br></div><div>The error messages:</div><div><span>ipxe: TLS 0x33444 received overlength Handshake</span></div><div><span><span>ipxe: Download of "default.ipxe" failed: Invalid argument (http://ipxe.org/1c0de802)</span></span></div><div><span><span><br></span></span></div><div><span><span>iPXE is compiled with the following command:</span></span></div><div><span>make DEBUG=tls,x509,ocsp bin/undionly.kpxe TRUST=certs.pem</span></div><div><span><br></span></div><div><span>libssl1.1 package information (dpkg -s libssl1.1):</span></div><div><span>Package: libssl1.1<br>Status: install ok installed<br>Priority: important<br>Section: libs<br>Installed-Size: 3914<br>Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com><br>Architecture: amd64<br>Multi-Arch: same<br>Source: openssl<br>Version: 1.1.1-1ubuntu2.1~18.04.1<br>Depends: libc6 (>= 2.25), debconf (>= 0.5) | debconf-2.0<br>Breaks: isync (<= 1.3.0-1build1), python-boto (<= 2.44.0-1ubuntu2), python-httplib2 (<= 0.9.2+dfsg-1), python-imaplib2 (<= 2.57-1), python3-boto (<= 2.44.0-1ubuntu2), python3-imaplib2 (<= 2.57-1)<br>Description: Secure Sockets Layer toolkit - shared libraries<br> This package is part of the OpenSSL project's implementation of the SSL<br> and TLS cryptographic protocols for secure communication over the<br> Internet.<br> .<br> It provides the libssl and libcrypto shared libraries.<br>Homepage: https://www.openssl.org/<br>Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org></span></div><div><span><br></span></div><div><span><br></span></div><div><span>As a temporary workaround we did a rollback to the older version:</span></div><div><span>Package: libssl1.1<br>Status: install ok installed<br>Priority: important<br>Section: libs<br>Installed-Size: 3412<br>Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com><br>Architecture: amd64<br>Multi-Arch: same<br>Source: openssl<br>Version: 1.1.0g-2ubuntu4.3<br>Depends: libc6 (>= 2.14), debconf (>= 0.5) | debconf-2.0<br>Breaks: salt-common (<= 2016.3.3+ds-3)<br>Description: Secure Sockets Layer toolkit - shared libraries<br> This package is part of the OpenSSL project's implementation of the SSL<br> and TLS cryptographic protocols for secure communication over the<br> Internet.<br> .<br> It provides the libssl and libcrypto shared libraries.<br>Homepage: https://www.openssl.org/<br>Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org></span></div><div><span><br></span></div><div><span><br></span></div><div><span>Do you have any suggestions so far?</span></div><div><span><br></span></div><div><span><br></span></div><div><span>Kind regards,</span></div><div><span>Patrick<br></span></div><div><span><br></span></div><div><span><br></span></div></body></html>