Created
July 19, 2018 09:48
-
-
Save bigpresh/debc24b3d8251a3e7095e6f60472faed to your computer and use it in GitHub Desktop.
SSL connection failure to ZNC 1.7.1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [davidp@supernova:~]$ openssl s_client -connect myhostname:myport | |
| CONNECTED(00000003) | |
| write:errno=104 | |
| --- | |
| no peer certificate available | |
| --- | |
| No client certificate CA names sent | |
| --- | |
| SSL handshake has read 0 bytes and written 289 bytes | |
| --- | |
| New, (NONE), Cipher is (NONE) | |
| Secure Renegotiation IS NOT supported | |
| Compression: NONE | |
| Expansion: NONE | |
| SSL-Session: | |
| Protocol : TLSv1.2 | |
| Cipher : 0000 | |
| Session-ID: | |
| Session-ID-ctx: | |
| Master-Key: | |
| Key-Arg : None | |
| PSK identity: None | |
| PSK identity hint: None | |
| SRP username: None | |
| Start Time: 1531992929 | |
| Timeout : 300 (sec) | |
| Verify return code: 0 (ok) | |
| --- |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I fixed this by replacing the old
znc.pemwith a new one generated withznc --makepem. I suspect it was because the key in the old one was only 1024 bits.It would have been nice if ZNC threw a message on startup that the znc.pem wasn't good enough (assuming that it was ZNC imposing that, and not OpenSSL, that is)