digitalmars.D.learn - Vibe.d error
- JG (13/13) Aug 18 2021 Hi,
- WebFreak001 (6/19) Aug 20 2021 There might be incompatibilities with how openssl is used and the
- JG (3/11) Aug 20 2021 Thank you very much for your reply. Yes, we are getting this with
- WebFreak001 (14/27) Aug 23 2021 I think you might need to restart the server whenever you update
Hi, We are intermittently getting the following error: Accept TLS connection: server OpenSSL error at ../ssl/record/rec_layer_s3.c:1543: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (SSL alert number 46) HTTP connection handler has thrown: Accepting SSL tunnel: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (336151574) Full error: object.Exception /home/jg/.dub/packages/vibe-d-0.9.3/vibe-d/tls/vibe/st eam/openssl.d(578): Accepting SSL tunnel: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (336151574) ---------------- Anyone have any idea what might cause this?
Aug 18 2021
On Wednesday, 18 August 2021 at 19:51:00 UTC, JG wrote:Hi, We are intermittently getting the following error: Accept TLS connection: server OpenSSL error at ../ssl/record/rec_layer_s3.c:1543: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (SSL alert number 46) HTTP connection handler has thrown: Accepting SSL tunnel: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (336151574) Full error: object.Exception /home/jg/.dub/packages/vibe-d-0.9.3/vibe-d/tls/vibe/st eam/openssl.d(578): Accepting SSL tunnel: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown (336151574) ---------------- Anyone have any idea what might cause this?There might be incompatibilities with how openssl is used and the installed openssl version or config. If you are getting this from having https enabled on the server, I would recommend instead switching to HTTP-only and using a reverse proxy such as with nginx or caddy to serve it with HTTPS.
Aug 20 2021
On Friday, 20 August 2021 at 10:50:12 UTC, WebFreak001 wrote:On Wednesday, 18 August 2021 at 19:51:00 UTC, JG wrote:Thank you very much for your reply. Yes, we are getting this with HTTPS enabled. May I ask why you suggest not to use HTTPS?[...]There might be incompatibilities with how openssl is used and the installed openssl version or config. If you are getting this from having https enabled on the server, I would recommend instead switching to HTTP-only and using a reverse proxy such as with nginx or caddy to serve it with HTTPS.
Aug 20 2021
WebFreak001 <d.forum webfreak.org> On Friday, 20 August 2021 at 17:39:29 UTC, JG wrote:On Friday, 20 August 2021 at 10:50:12 UTC, WebFreak001 wrote:I think you might need to restart the server whenever you update the SSL certificates + in every app you need to pass in your SSL certificate location somehow or hardcode it, which if you make all your apps yourself you can do consistently, but otherwise creates inconsistencies which can be hard to maintain. On the other hand if you use a single reverse proxy like with nginx or caddy for all the HTTPS services it can reload them all at once and use the same config for everything. Additionally the are better supported by ACME services like LetsEncrypt or ZeroSSL through built-in plugins, etc. But most importantly: these services have undergone much more testing for security than vibe.d, so you can generally expect it to be less likely to have critical bugs in API usage.On Wednesday, 18 August 2021 at 19:51:00 UTC, JG wrote:Thank you very much for your reply. Yes, we are getting this with HTTPS enabled. May I ask why you suggest not to use HTTPS?[...]There might be incompatibilities with how openssl is used and the installed openssl version or config. If you are getting this from having https enabled on the server, I would recommend instead switching to HTTP-only and using a reverse proxy such as with nginx or caddy to serve it with HTTPS.
Aug 23 2021