Bug#623001: libgnutls26: fails to handshake on a number of sites (firefox works)

Gustavo Noronha Silva kov at debian.org
Sat Apr 16 14:48:22 UTC 2011

Package: libgnutls26
Version: 2.12.2-1
Severity: normal


I've been seeing this problem mostly in Epiphany - the web page
renders with the layout totally broken because the CSS failed to
download because of this issue. Some big sites like github.com are

For instance, trying to render this URL in Epiphany gives me a badly
formatted page:


CSS URLs like this one can't be downloaded:


The reason reported is 'Peer failed to perform TLS handshake'. Here's
a test with gnutls-cli:

	kov at goiaba:~$ gnutls-cli d3nwyuy0nl342s.cloudfront.net
	Resolving 'd3nwyuy0nl342s.cloudfront.net'...
	Connecting to ''...
	*** Fatal error: A TLS fatal alert has been received.
	*** Received alert [40]: Handshake failed
	*** Handshake has failed
	GnuTLS error: A TLS fatal alert has been received.


-- System Information:
Debian Release: wheezy/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (100, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libgnutls26 depends on:
ii  libc6                     2.13-0exp5     Embedded GNU C Library: Shared lib
ii  libgcrypt11               1.5.0~beta1-1  LGPL Crypto library - runtime libr
ii  libtasn1-3                2.9-2          Manage ASN.1 structures (runtime)
ii  zlib1g                    1:1.2.5.dfsg-1 compression library - runtime

libgnutls26 recommends no packages.

Versions of packages libgnutls26 suggests:
ii  gnutls-bin                    2.12.2-1   GNU TLS library - commandline util

-- no debconf information

More information about the Pkg-gnutls-maint mailing list