[Gluster-devel] SSL unsupported certificate
Emmanuel Dreyfus
manu at netbsd.org
Wed Aug 5 10:02:56 UTC 2015
Hi
I have a SSL setup failure with this:
[2015-08-05 09:41:04.344413] E [socket.c:352:ssl_setup_connection]
0-management: SSL connect error
[2015-08-05 09:41:04.344497] E [socket.c:206:ssl_dump_error_stack]
0-management: error:14094413:SSL routines:SSL3_READ_BYTES:sslv3
alert unsupported certificate
[2015-08-05 09:41:04.344648] E [socket.c:2388:socket_poller] 0-management:
client setup failed
Anyone already had this one? openssl s_client manages to establish a
connexion but reports the same error, with more information:
3147606356:error:14094413:SSL routines:SSL3_READ_BYTES:sslv3 alert
unsupported certificate:/home6/tmp/netbsd6/usr/src/crypto/external/
bsd/openssl/dist/ssl/s3_pkt.c:1304:SSL alert number 43
Here is the code in openssl-1.0.1p/ssl/s3_pkt.c:1304 in ssl3_read_bytes()
} else if (alert_level == SSL3_AL_FATAL) {
char tmp[16];
s->rwstate = SSL_NOTHING;
s->s3->fatal_alert = alert_descr;
SSLerr(SSL_F_SSL3_READ_BYTES, SSL_AD_REASON_OFFSET + alert_descr);
BIO_snprintf(tmp, sizeof tmp, "%d", alert_descr);
ERR_add_error_data(2, "SSL alert number ", tmp);
s->shutdown |= SSL_RECEIVED_SHUTDOWN;
SSL_CTX_remove_session(s->ctx, s->session);
return (0);
--
Emmanuel Dreyfus
manu at netbsd.org
More information about the Gluster-devel
mailing list