Cannot browser lp-cnd.lastpass.com, gives net::ERR_SSL_VERSION_INTERFERENCE in Chrome
-
Strange error that started a couple of days ago. When accessing www.lastpass.com on any of our devices in the network (Mac, PC, iOS) we get a completely broken page - no CSS, no images etc.
Checking in Chrome I see that all commenctions to https://lp-cnd.lastpass.com gives"Failed to load resource net::ERR_SSL_VERSION_INTERFERENCE"
in the console. On same devices connecting through LTE or hotspot to an iPhone - no problems. Accessing another lastpass site, like https://blog.lastpass.com/ works.
Note that all browsers (Safari, Edge and Firefox) experience the same problem when going through the firewall.The network is protected with a APU45-box running 2.4.4-p1. Packages: bandwidthd, nmap, pfBlockerNG, RRD_Summary. 5 firewall rules, mainly passing all. On Advanced -> Network I have tested enabled and disabled the settings for offloading etc. No MTU or MSS on the interfaces. Not much going on in the log-files.
Reboot of everything didn't do any change.I cannot remember having this problem prior to the -p1 update (and for sure my other users would have noticed since we use lastpass company-wide).
With the 2.4.4-p1 we also have had problems with unbound (https://forum.netgate.com/topic/138535/2-4-4_1-unbound-frequently-stops-answering-domain-overrides) so maybe this is also related to that upgrade.We have OpenVPN going to other sites and no problems accessing other sites (that we have found) - just lastpass.com.
Using openssl to troubleshoot (first attempt through the firewall and second on hotspot):
msa@sieglinde:log$ openssl s_client -connect lp-cdn.lastpass.com:443 CONNECTED(00000005) depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA verify error:num=20:unable to get local issuer certificate verify return:0 write:errno=54 --- Certificate chain 0 s:/C=US/ST=California/L=Los Angeles/O=Verizon Digital Media Services, Inc./OU=SecOps/CN=sa266gl.wpc.edgecastcdn.net i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA 1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA --- Server certificate -----BEGIN CERTIFICATE----- MIILezCCCmOgAwIBAgIQBkhA2HnZEcZ9iPCfS90w5jANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNDA2MDAwMDAwWhcN MjAwNzA4MTIwMDAwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMS0wKwYDVQQKEyRWZXJpem9uIERpZ2l0 YWwgTWVkaWEgU2VydmljZXMsIEluYy4xDzANBgNVBAsTBlNlY09wczEkMCIGA1UE AxMbc2EyNjZnbC53cGMuZWRnZWNhc3RjZG4ubmV0MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAqk580nChPfZPi5IsUna5r/RY4N2aQqFppqIaosgSLlmr 14zfTqkPK6gU2ZHkuqaOABROefXl6ZPHPdDZLM/NeSqPoUzsz8FoejDCV97eONHF 5Firs9qQZ97+VPZRBBbvpQBLnkxOEAcogDA6vFAkSwyxyy8INh1DTgXAJTskaAFV o3AByyWzEY6FKvW4U9EJbvGJAnB2JmqKBXBl4yY2/a7JWsxi9m8u2BPGc1DKqR04 dAvc9vAn6iFOXlPBWoKYHSxP6Bn1zmbLON/feW/gb3FbwtS/qgNS60C1w22q6LGP r93FuTY63n3e9Zoku5faslQrCkaGIzDZ/tmpgnb5CQIDAQABo4IIAzCCB/8wHwYD VR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFC5yKPSUy+00 1EZ8kecs6YEn66SmMIIETQYDVR0RBIIERDCCBECCGWFzc2V0cy5nZXRjbG91ZGNo ZXJyeS5jb22CF2F0dG9tZGF0YS5henVyZWVkZ2UubmV0gg1jZG4uY29tZWV0Lmlu ghFjZG4ubG9naWN2YXBlcy51c4IPY2RuLm5leHRkZWFsLm5sgg9jZG4ub3Npc29m dC5jb22CEGNkbjEucHVwaS1ib3kucnWCEGNkbjIucHVwaS1ib3kucnWCEGNkbjMu cHVwaS1ib3kucnWCDmNkbi1hei5teW1tLmNughxjZG4tZnItd2Vic2l0ZS5henVy ZWVkZ2UubmV0gh1jZG4tbXNmZXV4MDEtMDEuYXp1cmVlZGdlLm5ldIIbY2RudmVy aWZ5Lnd3dy5hdHRvbWRhdGEuY29tghhjb250ZW50Y2RuLmF6dXJlZWRnZS5uZXSC FmVja2VyZC1jZG4ucHJlc2VuY2UuaW+CE2V4cC1jZG4tYXoubXltbS5jb22CEmxp ZmUuYXp1cmVlZGdlLm5ldIITbGlmZS5jaGltcHF1b3RlLmNvbYIUbHAtY2RuLmF6 dXJlZWRnZS5uZXSCE2xwLWNkbi5sYXN0cGFzcy5jb22CIWxyLW1hcC10aWxlLW9y aWdpbi5saWZlLXJhbmdlci5qcIIRbWFpbC5zZ3BpbS5jb20uYnKCEm15bW0uYXp1 cmVlZGdlLm5ldIIUbXltbWNuLmF6dXJlZWRnZS5uZXSCFm5leHRkZWFsLmF6dXJl ZWRnZS5uZXSCFG9zaWNkbi5henVyZWVkZ2UubmV0gh9vc3lzLWNvaW5zNTAwcHJl bS5henVyZWVkZ2UubmV0ghZwYXdyLW1hcC5henVyZWVkZ2UubmV0ghZwdXBpLWJv eS5henVyZWVkZ2UubmV0ghlxdWFrZXNlYXJjaC5henVyZWVkZ2UubmV0ghVyZXN1 bWVzLmF6dXJlZWRnZS5uZXSCFnJlc3VtZXMubGl2ZWNhcmVlci5jb22CEHJ5LmF6 dXJlZWRnZS5uZXSCG3NhMjY2Z2wud3BjLmVkZ2VjYXN0Y2RuLm5ldIIac2EyNjZn bC53cGMub21pY3JvbmNkbi5uZXSCG3NhMjY3Z2wud3BjLmVkZ2VjYXN0Y2RuLm5l dIIXc2dwaW1tYWlsLmF6dXJlZWRnZS5uZXSCGHNtYXJ0dG90YWwuYXp1cmVlZGdl Lm5ldIIgc21hcnR1cGxvYWQuc3V0aGVybGFuZGdsb2JhbC5jb22CF3RpY2tldHZl ci5henVyZWVkZ2UubmV0ghR3ZWJtYWlsLnNncGltLmNvbS5icoImenN5c2pwZHlz YmJpaHVjaTJieWt5eWZwLmF6dXJlZWRnZS5uZXSCJnpzeXNrZ2RqbXp5dnEwb2lj czZlMXliNC5henVyZWVkZ2UubmV0giZ6c3lzbmY1dGhwOXU4a2VuaWZpZ3lldXou YXp1cmVlZGdlLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2lj ZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdp Y2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwB ATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgG BmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw LmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNl cnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8E AjAAMIIB9AYKKwYBBAHWeQIEAgSCAeQEggHgAd4AdgCkuQmQtBhYFIe7E6LMZ3AK PDWYBPkb37jjd80OyA3cEAAAAWKYqU9IAAAEAwBHMEUCIQCrqri360Er4wScMDKh mviOIYY8YsLm3TgqH2hpUtCRgwIgPIS8RirdnzeDWcQI7PsmuB0Ku0SboByKkTM0 iAc65I4AdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWKYqVCv AAAEAwBHMEUCIQDmDsnNi+7vM+PjjicvuK5OzIflQUCAfei/qxdKJnSP/gIgVfjY 7T6dXAg1W4EflpKxpXWgb+lOPDixNK4xXhxFKgsAdQC72d+8H4pxtZOUI5eqkntH OFeVCqtS6BqQlmQ2jh7RhQAAAWKYqVA6AAAEAwBGMEQCIHUmtBK1uV/VJSXMUgxT jGvfgJW/e5aNqQy0oScKwyVIAiBGJr7ynF01VDtMuF9C1rYsyygYdS31Fg4ZoAl5 MCmFlwB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABYpipUf8A AAQDAEYwRAIgWv2MDxvnpzp1MdM0XmyXhbPOnzLf2toIXzqzVLNeTfECIFp0/B/a NnXa8VGLfCoSokuMLuVbEAuKJ7sDlBU0Pu53MA0GCSqGSIb3DQEBCwUAA4IBAQBO XPrTQQ4vMgUX7LEavH2+6hR2h3hxIDvTW7jhWoper3iDzt9o333IJ2eSBulGaJAA B53Rge2/Z9bT0ojxJzmHnLdqGPUgYn9adesGyrM4dapBgX9Iu5QQrdoFfrYtabVx hNDEixZnCHAm12YGv9I0c47/mjYWRGiwObEN7NvtrGuuBtKiJboicQ8BySnRIRxS 9iNBQ9E7t1s1iixRQUfgK8sYhUUv5EjaVv09F2XP7jMWNpyGDP6aFGBahcC0ueO6 BtlIyG0t+CpPqjFv2Rgq+RwUDzKD0dCmCsyj+/l23aemqILSkS+IvqMMv0/vREgg joAev6w6UjoN/ZiZzE2R -----END CERTIFICATE----- subject=/C=US/ST=California/L=Los Angeles/O=Verizon Digital Media Services, Inc./OU=SecOps/CN=sa266gl.wpc.edgecastcdn.net issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA --- No client certificate CA names sent --- SSL handshake has read 4550 bytes and written 126 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: Session-ID-ctx: Master-Key: 1D1BFCC6052C795DB408036E61C10843985D8AC4632DED3B7E2D5EC9B8B821DD1DB3E3F95BA0C695B1604FEC0C66924E Start Time: 1544865411 Timeout : 300 (sec) Verify return code: 0 (ok) --- msa@sieglinde:log$ openssl s_client -connect lp-cdn.lastpass.com:443 CONNECTED(00000005) depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/C=US/ST=California/L=Los Angeles/O=Verizon Digital Media Services, Inc./OU=SecOps/CN=sa266gl.wpc.edgecastcdn.net i:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA 1 s:/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA --- Server certificate -----BEGIN CERTIFICATE----- MIILezCCCmOgAwIBAgIQBkhA2HnZEcZ9iPCfS90w5jANBgkqhkiG9w0BAQsFADBN MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5E aWdpQ2VydCBTSEEyIFNlY3VyZSBTZXJ2ZXIgQ0EwHhcNMTgwNDA2MDAwMDAwWhcN MjAwNzA4MTIwMDAwWjCBnjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3Ju aWExFDASBgNVBAcTC0xvcyBBbmdlbGVzMS0wKwYDVQQKEyRWZXJpem9uIERpZ2l0 YWwgTWVkaWEgU2VydmljZXMsIEluYy4xDzANBgNVBAsTBlNlY09wczEkMCIGA1UE AxMbc2EyNjZnbC53cGMuZWRnZWNhc3RjZG4ubmV0MIIBIjANBgkqhkiG9w0BAQEF AAOCAQ8AMIIBCgKCAQEAqk580nChPfZPi5IsUna5r/RY4N2aQqFppqIaosgSLlmr 14zfTqkPK6gU2ZHkuqaOABROefXl6ZPHPdDZLM/NeSqPoUzsz8FoejDCV97eONHF 5Firs9qQZ97+VPZRBBbvpQBLnkxOEAcogDA6vFAkSwyxyy8INh1DTgXAJTskaAFV o3AByyWzEY6FKvW4U9EJbvGJAnB2JmqKBXBl4yY2/a7JWsxi9m8u2BPGc1DKqR04 dAvc9vAn6iFOXlPBWoKYHSxP6Bn1zmbLON/feW/gb3FbwtS/qgNS60C1w22q6LGP r93FuTY63n3e9Zoku5faslQrCkaGIzDZ/tmpgnb5CQIDAQABo4IIAzCCB/8wHwYD VR0jBBgwFoAUD4BhHIIxYdUvKOeNRji0LOHG2eIwHQYDVR0OBBYEFC5yKPSUy+00 1EZ8kecs6YEn66SmMIIETQYDVR0RBIIERDCCBECCGWFzc2V0cy5nZXRjbG91ZGNo ZXJyeS5jb22CF2F0dG9tZGF0YS5henVyZWVkZ2UubmV0gg1jZG4uY29tZWV0Lmlu ghFjZG4ubG9naWN2YXBlcy51c4IPY2RuLm5leHRkZWFsLm5sgg9jZG4ub3Npc29m dC5jb22CEGNkbjEucHVwaS1ib3kucnWCEGNkbjIucHVwaS1ib3kucnWCEGNkbjMu cHVwaS1ib3kucnWCDmNkbi1hei5teW1tLmNughxjZG4tZnItd2Vic2l0ZS5henVy ZWVkZ2UubmV0gh1jZG4tbXNmZXV4MDEtMDEuYXp1cmVlZGdlLm5ldIIbY2RudmVy aWZ5Lnd3dy5hdHRvbWRhdGEuY29tghhjb250ZW50Y2RuLmF6dXJlZWRnZS5uZXSC FmVja2VyZC1jZG4ucHJlc2VuY2UuaW+CE2V4cC1jZG4tYXoubXltbS5jb22CEmxp ZmUuYXp1cmVlZGdlLm5ldIITbGlmZS5jaGltcHF1b3RlLmNvbYIUbHAtY2RuLmF6 dXJlZWRnZS5uZXSCE2xwLWNkbi5sYXN0cGFzcy5jb22CIWxyLW1hcC10aWxlLW9y aWdpbi5saWZlLXJhbmdlci5qcIIRbWFpbC5zZ3BpbS5jb20uYnKCEm15bW0uYXp1 cmVlZGdlLm5ldIIUbXltbWNuLmF6dXJlZWRnZS5uZXSCFm5leHRkZWFsLmF6dXJl ZWRnZS5uZXSCFG9zaWNkbi5henVyZWVkZ2UubmV0gh9vc3lzLWNvaW5zNTAwcHJl bS5henVyZWVkZ2UubmV0ghZwYXdyLW1hcC5henVyZWVkZ2UubmV0ghZwdXBpLWJv eS5henVyZWVkZ2UubmV0ghlxdWFrZXNlYXJjaC5henVyZWVkZ2UubmV0ghVyZXN1 bWVzLmF6dXJlZWRnZS5uZXSCFnJlc3VtZXMubGl2ZWNhcmVlci5jb22CEHJ5LmF6 dXJlZWRnZS5uZXSCG3NhMjY2Z2wud3BjLmVkZ2VjYXN0Y2RuLm5ldIIac2EyNjZn bC53cGMub21pY3JvbmNkbi5uZXSCG3NhMjY3Z2wud3BjLmVkZ2VjYXN0Y2RuLm5l dIIXc2dwaW1tYWlsLmF6dXJlZWRnZS5uZXSCGHNtYXJ0dG90YWwuYXp1cmVlZGdl Lm5ldIIgc21hcnR1cGxvYWQuc3V0aGVybGFuZGdsb2JhbC5jb22CF3RpY2tldHZl ci5henVyZWVkZ2UubmV0ghR3ZWJtYWlsLnNncGltLmNvbS5icoImenN5c2pwZHlz YmJpaHVjaTJieWt5eWZwLmF6dXJlZWRnZS5uZXSCJnpzeXNrZ2RqbXp5dnEwb2lj czZlMXliNC5henVyZWVkZ2UubmV0giZ6c3lzbmY1dGhwOXU4a2VuaWZpZ3lldXou YXp1cmVlZGdlLm5ldDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUH AwEGCCsGAQUFBwMCMGsGA1UdHwRkMGIwL6AtoCuGKWh0dHA6Ly9jcmwzLmRpZ2lj ZXJ0LmNvbS9zc2NhLXNoYTItZzYuY3JsMC+gLaArhilodHRwOi8vY3JsNC5kaWdp Y2VydC5jb20vc3NjYS1zaGEyLWc2LmNybDBMBgNVHSAERTBDMDcGCWCGSAGG/WwB ATAqMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy5kaWdpY2VydC5jb20vQ1BTMAgG BmeBDAECAjB8BggrBgEFBQcBAQRwMG4wJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3Nw LmRpZ2ljZXJ0LmNvbTBGBggrBgEFBQcwAoY6aHR0cDovL2NhY2VydHMuZGlnaWNl cnQuY29tL0RpZ2lDZXJ0U0hBMlNlY3VyZVNlcnZlckNBLmNydDAMBgNVHRMBAf8E AjAAMIIB9AYKKwYBBAHWeQIEAgSCAeQEggHgAd4AdgCkuQmQtBhYFIe7E6LMZ3AK PDWYBPkb37jjd80OyA3cEAAAAWKYqU9IAAAEAwBHMEUCIQCrqri360Er4wScMDKh mviOIYY8YsLm3TgqH2hpUtCRgwIgPIS8RirdnzeDWcQI7PsmuB0Ku0SboByKkTM0 iAc65I4AdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAWKYqVCv AAAEAwBHMEUCIQDmDsnNi+7vM+PjjicvuK5OzIflQUCAfei/qxdKJnSP/gIgVfjY 7T6dXAg1W4EflpKxpXWgb+lOPDixNK4xXhxFKgsAdQC72d+8H4pxtZOUI5eqkntH OFeVCqtS6BqQlmQ2jh7RhQAAAWKYqVA6AAAEAwBGMEQCIHUmtBK1uV/VJSXMUgxT jGvfgJW/e5aNqQy0oScKwyVIAiBGJr7ynF01VDtMuF9C1rYsyygYdS31Fg4ZoAl5 MCmFlwB1AFWB1MIWkDYBSuoLm1c8U/DA5Dh4cCUIFy+jqh0HE9MMAAABYpipUf8A AAQDAEYwRAIgWv2MDxvnpzp1MdM0XmyXhbPOnzLf2toIXzqzVLNeTfECIFp0/B/a NnXa8VGLfCoSokuMLuVbEAuKJ7sDlBU0Pu53MA0GCSqGSIb3DQEBCwUAA4IBAQBO XPrTQQ4vMgUX7LEavH2+6hR2h3hxIDvTW7jhWoper3iDzt9o333IJ2eSBulGaJAA B53Rge2/Z9bT0ojxJzmHnLdqGPUgYn9adesGyrM4dapBgX9Iu5QQrdoFfrYtabVx hNDEixZnCHAm12YGv9I0c47/mjYWRGiwObEN7NvtrGuuBtKiJboicQ8BySnRIRxS 9iNBQ9E7t1s1iixRQUfgK8sYhUUv5EjaVv09F2XP7jMWNpyGDP6aFGBahcC0ueO6 BtlIyG0t+CpPqjFv2Rgq+RwUDzKD0dCmCsyj+/l23aemqILSkS+IvqMMv0/vREgg joAev6w6UjoN/ZiZzE2R -----END CERTIFICATE----- subject=/C=US/ST=California/L=Los Angeles/O=Verizon Digital Media Services, Inc./OU=SecOps/CN=sa266gl.wpc.edgecastcdn.net issuer=/C=US/O=DigiCert Inc/CN=DigiCert SHA2 Secure Server CA --- No client certificate CA names sent --- SSL handshake has read 4776 bytes and written 444 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES128-GCM-SHA256 Session-ID: 2526CAA857C21CD617E2341DF0E0866CB529F266A18513931C76479F0914396E Session-ID-ctx: Master-Key: FB5C141AC8CCF1C11E09F43047BD1CE9E68129DBBC5C0A2F066C260E9B8A6EE71417D21D458DE16998B7DFBF6E88F64A TLS session ticket lifetime hint: 7200 (seconds) TLS session ticket: 0000 - c0 54 c8 dc df ee 1d 61-e9 73 c1 1e 23 1c 52 60 .T.....a.s..#.R` 0010 - 60 45 4f a7 6c ed ea 2f-46 c0 69 0b 2d 09 f5 38 `EO.l../F.i.-..8 0020 - 92 04 47 a8 ab 04 d7 aa-ae dd 6b a7 09 4d 3a 2b ..G.......k..M:+ 0030 - c6 c5 59 89 bc 3f e3 b2-9f c6 21 7a 8c 03 e1 4c ..Y..?....!z...L 0040 - 6a 71 d4 04 e5 3a a1 57-e8 00 96 10 11 a0 63 03 jq...:.W......c. 0050 - 69 a0 7b 79 29 da a6 bb-43 a4 4a 9f 68 fd c0 50 i.{y)...C.J.h..P 0060 - 2f 17 91 9b 65 2b ca a8-77 f6 2a f1 51 b7 85 38 /...e+..w.*.Q..8 0070 - d2 e9 5e 05 79 0b 4a 5a-6a 30 d8 76 e5 41 73 72 ..^.y.JZj0.v.Asr 0080 - 6b f4 7a 3a 8e 53 66 25-f9 5a ac 8b ab 74 0c 35 k.z:.Sf%.Z...t.5 0090 - 92 5e 31 53 6f 2f 24 4b-9e 66 d2 c3 51 0e 9b e7 .^1So/$K.f..Q... Start Time: 1544865529 Timeout : 300 (sec) Verify return code: 0 (ok) --- ^C msa@sieglinde:log$
As said - all other sites we have tested (banks, google, facebook etc) work over SSL.
Any ideas where to start looking?