Hi,
Ubuntu 20.04
I have a very strange issue that seems to be specific to the geographical location I'm located in. GnuTLS-linked programs have trouble connecting to many sites. Also see https://gitlab.com/gnutls/gnutls/-/issues/990 for a long discussion on this. The short of the story is that any connection attempt that tries to use the SECP256R1 elliptic curve encryption fails. Unfortunately those programs include APT and GIT, which means for example that mono-project.com as an apt repository doesn't work, and I'm unable to clone any github repo.
The gnutls-cli program has command line options that let you control which encryption methods are attempted by gnutls-cli, e.g.:
gnutls-cli --priority=NORMAL:-GROUP-SECP256R1 github.com
works, but:
gnutls-cli github.com
Does not.
Does anybody know of a way to globally/system-wide adjust the priority that GnuTLS uses? I have found some references to possible gnutls configuration files, but that support seems to be dependent on specific compilation options, and I don't know which options are used for the Ubuntu 20.04 package. Also, I found update-crypto-policy, which I hoped would be able to do this, but I've not been able to figure out how to actually use it.
Rgds
Bookmarks