Bug #2977

SSL routines:ciphersuite_cb:no cipher match

Added by vfXMUPD24 3 months ago. Updated 3 months ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Missing in 1.5.x:


After upgrading from 1.4.50 (where the issue was not present) to 1.4.54 the server fails to start with

SSL routines:ciphersuite_cb:no cipher match

This happens with

ssl.cipher-list = "CHACHA20-POLY1305-SHA256:AES-256-GCM_SHA384:AES-128-GCM-SHA256" 
ssl.cipher-list = "CHACHA20_POLY1305_SHA256:AES_256_GCM_SHA384:AES_128_GCM_SHA256" 
ssl.cipher-list = "TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256" 
ssl.cipher-list = "TLS-CHACHA20-POLY1305-SHA256:TLS-AES-25-_GCM-SHA384:TLS-AES-128-GCM-SHA256" 

And similarly happens also with

ssl.openssl.ssl-conf-cmd = ("Ciphersuites" => "named cipher suite")

I am basically coding illiterate, just it would seem that with


the cipher suite is constraint to HIGH and thus causes the failure and in turn preventing to user to set a customised cipher order/list



Updated by stbuehler 3 months ago


Can you please post the full error message? We need to see where it fails (and whether it is actually about failing to start or failing to accept connections from old clients).

HIGH shouldn't prevent your server from starting; the only reason I can think of why it might fail is if you're using small keys which are not acceptable anymore.

Also you didn't mention which OS you're on and which openssl versions your 1.4.50 and 1.4.54 were linked with; more recent openssl versions became more strict about lots of things (i.e. again small keys, ...).


Updated by vfXMUPD24 3 months ago

It fails to start

/usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf

(mod_openssl.c.983) SSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match
(server.c.1240) Initialization of plugins failed. Going down.

Set to HIGH the server starts but it prevents me from setting the order to cipher suites the server sets for the client.

That is with

ssl.openssl.ssl-conf-cmd = ( "Protocol" => "-ALL, +TLSv1.3" )

key size being of the private key that been used for the cert generation? Which is in this case

RSA Private-Key: (2048 bit, 2 primes)

And for sake of completeness

lighttpd - 1.4.54-1.0
lighttpd-https-cert - 5-0.0
lighttpd-mod-alias - 1.4.54-1.0
lighttpd-mod-cgi - 1.4.54-1.0
lighttpd-mod-fastcgi - 1.4.54-1.0
lighttpd-mod-openssl - 1.4.54-1.0
lighttpd-mod-proxy - 1.4.54-1.0
lighttpd-mod-redirect - 1.4.54-1.0
lighttpd-mod-setenv - 1.4.54-1.0
OpenSSL 1.1.1c

Is my assumption about the cipher suite being constraint to HIGH, as introduced in mod_openssl.c, wrong then?


Updated by stbuehler 3 months ago

This seems to work fine on my system:

ssl.cipher-list = "HIGH" 
ssl.openssl.ssl-conf-cmd = ( "Protocol" => "-ALL, +TLSv1.3" )

Perhaps you can try to find the minimal config that isn't starting for you and post that.


Updated by vfXMUPD24 3 months ago

HIGH works, as I mentioned in previous post.

Not working after the update from .5*0* to .5*4*

ssl.cipher-list = "CHACHA20-POLY1305-SHA256:AES-256-GCM-SHA384:AES-128-GCM-SHA256" 

and neither is

ssl.openssl.ssl-conf-cmd = ( "Ciphersuites" => "CHACHA20-POLY1305-SHA256:AES-256-GCM-SHA384:AES-128-GCM-SHA256" )

either ending up with

SSL routines:ciphersuite_cb:no cipher match


Updated by stbuehler 3 months ago

  • Status changed from New to Invalid
  • Target version deleted (1.4.x)

Well, openssl ciphers '...' doesn't like your cipherstring either, so I'd say openssl got more strict about parsing those, and your 1.4.50 binary was linked against an older version.

$ openssl ciphers -v 'CHACHA20-POLY1305-SHA256:AES-256-GCM-SHA384:AES-128-GCM-SHA256'
Error in cipher list
140175423665280:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:../ssl/ssl_lib.c:2549:

In any case there is nothing we can do about which ciphers openssl accepts or not.


Updated by vfXMUPD24 3 months ago

For TLS1.3 there is special value

-ciphersuites val Configure the TLSv1.3 ciphersuites to use


openssl ciphers -ciphersuites TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256

Also available in: Atom