gnuTLS 3.0.20 - 'Fatal error: The TLS connection was non-properly terminated' against Cisco load balancers

Scott McGillivray scott.mcgillivray at
Mon Jun 18 11:36:08 CEST 2012

On 18 June 2012 10:03, Richard Moore <rich at> wrote:

> On 18 June 2012 09:50, Scott McGillivray <scott.mcgillivray at>
> wrote:
> > I don't know if the problem see in openssl 1.0.1c might be related to the
> > problem I'm seeing in gnutls 3.0.20? I couldn't see a similar option for
> > gnutls-cli to force TLS 1.0 or ignore TLS 1.2 for me to test.
> --protocols
> Rich.

Many thanks, that allowed me to connect.

i think the --protocols option is deprecated, i couldn't find it in in man
pages, but i was able to successfully connect to the site using the below
command which does the same thing.

gnutls-cli --priority

Info on the command found at

I wonder what has changed in gnutls and openssl in recent versions that
prevents them from gratefully downgrading to a supported TLS version when
connecting to these Cisco CSS units.

Thanks again for your help.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20120618/150f178d/attachment.htm>

More information about the Gnutls-help mailing list