Bug #3172
closedSSL Handshake Error over a self-signed certificate in 1.4.66
Description
Running on an embedded ARM Sitara CPU Linux box, open-embedded Linux 4.14.67.
OpenSSL 1.1.1q 5 Jul 2022
Device website runs just fine, only when downloading file from it results in a Network error.
Enabling
debug.log-ssl-noise = "enable",
gives me this message when trying to download a file from a page (bz2 archive),
(mod_openssl.c.3281) SSL: 1 error:14094416:lib(20):func(148):reason(1046) (10.54.210.109)
I have upgraded it from 1.4.55, which did not have such issues. The
lighttpd.conf configuration has not changed much except for renaming compress. to deflate.. Shared web server config.
Files
Updated by gstrauss over 2 years ago
- Project changed from Lighttpd2 to Lighttpd
- Category deleted (
core) - Status changed from New to Invalid
- Priority changed from Normal to Low
- ASK QUESTIONS IN Forums set to No
First, you have posted in the lighttpd2 bug tracker and you seem to be using lighttpd 1.4.66.
(I have moved it to the lighttpd bug tracker, but it is still an invalid bug report)
Second, please ask questions in the lighttpd forums (see the Forums tab at the top of the page) This is the bug tracker for bugs in lighttpd, not your personal questions.
Third, you have posted insufficient information for troubleshooting. Do TLS requests always fail, or just some requests? Did you troubleshoot why? Did your self-signed certificate expire?
As an aside, your TLS config is more than a bit outdated. Please read lighttpd TLS documentation and remove the deprecated ssl.* directives, which include all the ones you are using besides ssl.engine, ssl.pemfile, and ssl.cipher-list (which should change to ssl.openssl.ssl-conf-cmd "CipherString")
Also available in: Atom