Join Log in
Score:0
raw-bean avatar Ubuntu

SSL routines:SSL_CTX_set_cipher_list:no cipher match

us flag
raw-bean

I have Ubuntu=20.04 server running (Openssl=1.1.1t & nginx=1.21.6). I allowed ssl ciphers as

cat nginx.conf | grep -i ssl_ciphers
        ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-CCM:ECDHE-ECDSA-AES128-CCM:AES256-GCM-SHA384:AES128-GCM-SHA256:CHACHA20-POLY1305-SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256';

As per the official documentatin of openssl (Ref: https://www.openssl.org/docs/man1.1.1/man1/ciphers.html) the ciphers TLS_AES_128_CCM_SHA256 & TLS_AES_128_CCM_8_SHA256 are supported.

While I try to connect to the target machine using

# openssl s_client -connect 192.168.2.15:443 -ciphersuites TLS_AES_128_CCM_SHA256 -tls1_3
139638440334656:error:0200206F:system library:connect:Connection refused:../crypto/bio/b_sock2.c:110:
139638440334656:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111:
connect:errno=111

I am unable to track what actually I am missing here.

182
1 + 0
ssl
Score:0
Steffen Ullrich avatar Ubuntu
in flag
Steffen Ullrich

TLS 1.3 ciphers can not be set with ssl_ciphers. They need to be configured with ssl_conf_command Ciphersuites:

ssl_conf_command Ciphersuites 'TLS_AES_128_CCM_SHA256:TLS_AES_128_CCM_8_SHA256';
+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.