Wget Returns "Unable to Establish Ssl Connection"

Unable to establish SSL connection upon wget on Ubuntu 14.04 LTS

... right now it happens only to the website I'm testing. I can't post it here because it's confidential.

Then I guess it is one of the sites which is incompatible with TLS1.2. The openssl as used in 12.04 does not use TLS1.2 on the client side while with 14.04 it uses TLS1.2 which might explain the difference. To work around try to explicitly use --secure-protocol=TLSv1. If this does not help check if you can access the site with openssl s_client -connect ... (probably not) and with openssl s_client -tls1 -no_tls1_1, -no_tls1_2 ....

Please note that it might be other causes, but this one is the most probable and without getting access to the site everything is just speculation anyway.

The assumed problem in detail: Usually clients use the most compatible handshake to access a server. This is the SSLv23 handshake which is compatible to older SSL versions but announces the best TLS version the client supports, so that the server can pick the best version. In this case wget would announce TLS1.2. But there are some broken servers which never assumed that one day there would be something like TLS1.2 and which refuse the handshake if the client announces support for this hot new version (from 2008!) instead of just responding with the best version the server supports. To access these broken servers the client has to lie and claim that it only supports TLS1.0 as the best version.

Is Ubuntu 14.04 or wget 1.15 not compatible with TLS 1.0 websites? Do I need to install/download any library/software to enable this connection?

The problem is the server, not the client.
Most browsers work around these broken servers by retrying with a lower version. Most other applications fail permanently if the first connection attempt fails, i.e. they don't downgrade by itself and one has to enforce another version by some application specific settings.

wget Unable to establish SSL connection on bash script install

Telling by

OpenSSL: error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version

this might be caused by github droping support for ancient TLS version protocols https://github.blog/2018-02-01-crypto-removal-notice/ and a fairly outdated wget+openssl installation.

Try forcing a specific modern TLS protocol and see how it goes

wget --secure-protocol=TLSv1_2 https://github.com/kermitt2/grobid/archive/0.6.1.zip

or try to upgrade your installation

As a rule of thumb, start your scripts with

set -ex

So that they

stop if any instruction fails
echo the instruction that is being executed

Unable to establish SSL connection, how do I fix my SSL cert?

SSL23_GET_SERVER_HELLO:unknown protocol

This error happens when OpenSSL receives something other than a ServerHello in a protocol version it understands from the server. It can happen if the server answers with a plain (unencrypted) HTTP. It can also happen if the server only supports e.g. TLS 1.2 and the client does not understand that protocol version. Normally, servers are backwards compatible to at least SSL 3.0 / TLS 1.0, but maybe this specific server isn't (by implementation or configuration).

It is unclear whether you attempted to pass --no-check-certificate or not. I would be rather surprised if that would work.

A simple test is to use wget (or a browser) to request http://example.com:443 (note the http://, not https://); if it works, SSL is not enabled on port 443. To further debug this, use openssl s_client with the -debug option, which right before the error message dumps the first few bytes of the server response which OpenSSL was unable to parse. This may help to identify the problem, especially if the server does not answer with a ServerHello message. To see what exactly OpenSSL is expecting, check the source: look for SSL_R_UNKNOWN_PROTOCOL in ssl/s23_clnt.c.

In any case, looking at the apache error log may provide some insight too.

wget for windows error: tlsv1 alert protocol version Unable to establish SSL connection

The problem is your version of wget do not support new versions of TLS. And the web site need TLS v1.1 or 1.2. As you found you need new version of wget

As you use Windows next time maybe will be wise to use Power Shell which have incorporated version of wget

centos7 wget over ssl : Unable to establish SSL connection

According to the output you connect to 172.31.106.79 when trying to connect to www.facebook.com. This is not the IP address for facebook but an IP address reserved for use in internal networks. It looks like that you have some DNS server which returns the wrong IP address for www.facebook.com. This might be some captive portal or it might be an attack or maybe some firewall blocking facebook or similar.

To fix the problem make sure that you are using a network which is not affected by this problem.