Comment 8 for bug 861137

OS : 11.10 oneiric
Server Side is : Jboss 5

> openssl version

OpenSSL 1.0.0e 6 Sep 2011

> curl --version

curl 7.21.6 (i686-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

> curl -v -L --capath ~/temp --cacert ~/temp/ca-bundle.crt https://SERVERIP:8443

* About to connect() to SERVERIP port 8443 (#0)
* Trying SERVERIP... connected
* Connected to SERVERIP (SERVERIP) port 8443 (#0)
* successfully set certificate verify locations:
* CAfile: /home/nagi/temp/ca-bundle.crt
  CApath: /home/nagi/temp/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error
* Closing connection #0
curl: (35) error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error

with option -3:
> curl -v -3 -L --capath ~/temp --cacert ~/temp/ca-bundle.crt https://SERVERIP:8443

* About to connect() to SERVERIP port 8443 (#0)
* Trying SERVERIP... connected
* Connected to SERVERIP (SERVERIP) port 8443 (#0)
* successfully set certificate verify locations:
* CAfile: /home/nagi/temp/ca-bundle.crt
  CApath: /home/nagi/temp/
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS alert, Server hello (2):
* error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error
* Closing connection #0
curl: (35) error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error

The ca-bundle.crt is created with firefox-db2pem.sh script in http://curl.haxx.se/docs/caextract.html