| View previous topic :: View next topic |
| Author |
Message |
nabbelol
Voice
Joined: 12 Jan 2012
Posts: 4
|
 Posted: Thu Jan 12, 2012 2:43 pm Post subject: TLS negotiation failure - Eggdrop 1.8.0 |
 |
|
I'm struggling with this error:
| Code: |
[21:15:14] Failed connect to irc.server2.net (TLS negotiation failure)
[21:16:14] Trying server [irc.server.org]:+7000
[21:16:14] TLS: attempting SSL negotiation...
[21:16:14] TLS: state change: before/connect initialization
[21:16:14] TLS: state change: before/connect initialization
[21:16:14] TLS: state change: SSLv2/v3 write client hello B
[21:16:14] Failed connect to irc.server.org (TLS negotiation failure)
|
It is compiled with SSL of course, and I can connect to the bot using SSL without any problems using openssl client.
| Code: |
# openssl s_client -connect localhost:4000
|
* I have tired several different servers on different networks.
* Using a IRC client that supports SSL with these servers work.
* Making the key and crt using make sslcert, and manually like described in doc/TLS file..
* .console +rv gives me no more info then posted.
* I have used 1.8.0 with SSL before on another shell without any problems. So i tried with the same conf, crt and key file, and i still get this error.
After searching google and this forum, I seem to be the only one having this problem, maybe i forgot something obvious ?
Or maybe anybody else have had this problem? Any hints? I'm really clueless and cant think of anything else to try...
| Code: |
set ssl-privatekey "eggdrop.key"
set ssl-certificate "eggdrop.crt"
set ssl-capath "/etc/ssl/"
set ssl-ciphers "ALL"
set ssl-verify-bots 11
set ssl-verify-clients 11
|
|
|
| Back to top |
|
 |
pseudo
Halfop
Joined: 23 Nov 2009
Posts: 88
Location: Bulgaria
|
| Posted: Fri Jan 13, 2012 3:42 pm Post subject: |
|
|
Looks OK, but what are these servers? Do they work with some SSL-enabled IRC client?
If possible, come at #eggdrop @ Undernet (our official channel) in order to communicate this more efficiently. Just come there, mention your problem and wait a while. I'll try to help. |
|
| Back to top |
|
|
nabbelol
Voice
Joined: 12 Jan 2012
Posts: 4
|
| Posted: Sun Jan 15, 2012 7:18 am Post subject: |
|
|
| pseudo wrote: | | Looks OK, but what are these servers? Do they work with some SSL-enabled IRC client? |
I tested linknet and EFnet servers that have SSL enabled. And using a IRC client with the same servers work from my home connection.
I'm gonna try to install a BNC or just a irc client on the server, and see if that can connect :) |
|
| Back to top |
|
|
nabbelol
Voice
Joined: 12 Jan 2012
Posts: 4
|
| Posted: Sun Jan 15, 2012 3:10 pm Post subject: |
|
|
Installed Irssi and connected to 3 different ssl enabled irc servers without any problem. So it must be something with my Eggdrop build.
I will try to investigate more next weekend, maybe join the eggdrop channel as you wanted. If i find out what causes this ill update this thread :) |
|
| Back to top |
|
|
Relnah
Voice
Joined: 02 Mar 2014
Posts: 2
|
| Posted: Sun Mar 02, 2014 4:08 am Post subject: |
|
|
Hi!
Did you every figure out the problem? I'm having almost identical problem.
All the same symptoms but slightly different log.
[09:03:54] Trying server [leguin.freenode.net]:+6697
[09:03:54] TLS: attempting SSL negotiation...
[09:03:54] TLS: state change: before/connect initialization
[09:03:54] TLS: state change: before/connect initialization
[09:03:54] TLS: state change: unknown state
[09:03:54] Failed connect to leguin.freenode.net (TLS negotiation failure)
I too can connect to the bot with openssl s_client -connect ...
Any insights are much appreciated, I'm at a total loss here.
Regards,
Relnah |
|
| Back to top |
|
|
Relnah
Voice
Joined: 02 Mar 2014
Posts: 2
|
| Posted: Sun Mar 09, 2014 5:24 am Post subject: |
|
|
I finally solved my problem.
Apparently the eggdrop can't resolve DNS properly when running on my Raspberry Pi, I'm not sure why. Even if I set dns IPs in the conf it won't work.
When setting the IRC-server to it's IP all goes well. |
|
| Back to top |
|
|
WazzaUK
Voice
Joined: 02 Jul 2006
Posts: 19
|
| Posted: Sun Jun 29, 2014 3:52 am Post subject: TLS negotiation. SSL connections |
|
|
I got eggdrop 1.8.0 with TLS connecting to servers via SSL port +6697 - no problems.
[06:29:47] Trying server [irc.p2p-network.net]:+6697
[06:29:50] TLS: handshake successful. Secure connection established.
[06:29:50] TLS: certificate subject: OU=Domain Control Validated, CN=irc.p2p-network.net
[06:29:50] TLS: certificate issuer: C=US, ST=Arizona, L=Scottsdale, O="GoDaddy.com, Inc.", OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
[06:29:50] TLS: certificate MD5 Fingerprint: 68:2F:9C:CD:2D:E4:DF:CC:7E:32:B5:27:3A:49:B0:D1
[06:29:50] TLS: certificate SHA1 Fingerprint: FD:DF:42:79:32:DE:FC:81:5D:A9:8F:5C:24:CD:3B:5A:96:70:C7:14
[06:29:50] TLS: certificate valid from Apr 9 23:55:03 2014 GMT to Mar 15 16:48:01 2016 GMT
[06:29:50] TLS: cipher used: AES256-GCM-SHA384 TLSv1/SSLv3; 256 bits (256 secret)
[06:29:50] Connected to irc.p2p-network.net
I take it u created the certificate and key files. Thats the whole point. |
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
