[Gluster-devel] SSL unsupported certificate

Emmanuel Dreyfus manu at netbsd.org
Wed Aug 5 10:02:56 UTC 2015


I have a SSL setup failure with this:
[2015-08-05 09:41:04.344413] E [socket.c:352:ssl_setup_connection] 
    0-management: SSL connect error
[2015-08-05 09:41:04.344497] E [socket.c:206:ssl_dump_error_stack] 
    0-management:   error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 
    alert unsupported certificate
[2015-08-05 09:41:04.344648] E [socket.c:2388:socket_poller] 0-management: 
    client setup failed

Anyone already had this one? openssl s_client manages to establish a 
connexion but reports the same error, with more information:
3147606356:error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert 
    unsupported certificate:/home6/tmp/netbsd6/usr/src/crypto/external/
    bsd/openssl/dist/ssl/s3_pkt.c:1304:SSL alert number 43

Here is the code in openssl-1.0.1p/ssl/s3_pkt.c:1304 in ssl3_read_bytes()
        } else if (alert_level == SSL3_AL_FATAL) {
            char tmp[16];
            s->rwstate = SSL_NOTHING;
            s->s3->fatal_alert = alert_descr;
            SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
            BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
            ERR_add_error_data(2, "SSL alert number ", tmp);
            s->shutdown |= SSL_RECEIVED_SHUTDOWN;
            SSL_CTX_remove_session(s->ctx, s->session);
            return (0);

Emmanuel Dreyfus
manu at netbsd.org

More information about the Gluster-devel mailing list