I came across a bizarre issue yesterday with Ubuntu WSL on my development machine.
curl: (35) OpenSSL/3.0.8: error:0A000152:SSL routines::unsafe legacy renegotiation disabled
What made it bizarre is I’d been using regular curl commands for months and seemingly overnight I began getting these errors.
It turned out that policies had been updated internally to the latest OpenSSL Versions which – if you don’t have the latest version of Curl – caused failure until the package is updated.
So – this morning – I spent some time to write up a install script to upgrade Curl to the latest version on Ubuntu.
This should work on any version of linux – just swap the apt command with yum.
git clone https://github.com/curl/curl.git
cd curl
sudo apt install autoconf libtool make automake -y
sudo apt remove curl
sudo apt purge curl
autoreconf -fi
./configure --with-openssl
sudo make
sudo make install
sudo cp /usr/local/bin/curl /usr/bin/curl
sudo ldconfig
Then – to set a temporary configuration to fix the original error do the following…
echo "openssl_conf = openssl_init
[openssl_init]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
Options = UnsafeLegacyRenegotiation" > $HOME/.openssl.cnf
Under your .bash_profile for your user – add the following line…
export OPENSSL_CONF="$HOME/.openssl.cnf"