If you’re using Debian and you want to get rid of Hearbleed bug then it’s not sufficient to upgrade openssl package.
The really important package is libssl1.0.0:
apt-get install libssl1.0.0
It will restart all services which depends on this package.
19. February 2012
Tomcat 7 and curl – SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
There is very annoying bug in Open SSL 1.0 which affects curl. When you try to access Tomcat 7 with https with curl you’ll get fancy error:
curl: (35) error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
-k parameter is not working at all
You’re not able to invoke any request against Tomcat 7 with https in default configuration.
The solution is to restrict available ciphers in Tomcat’s https connector:
ciphers="SSL_RSA_WITH_RC4_128_SHA"
Restart Tomcat and curl will work.