Hi, On Thu, Feb 28, 2013 at 10:30:18AM +0100, Richard Randriatoamanana wrote: > I have this error that I can't solve after configuring csync2. Here > is the output error on the yyyy machine when I did the following > command: > yyyy# csync2 -x -vvv > ... > SQL: SELECT peername FROM dirty GROUP BY peername ORDER BY random() > SQL Query finished. > SQL: SELECT filename, myname, force FROM dirty WHERE peername = > 'xxxx' ORDER by filename ASC > SQL Query finished. > Connecting to host xxxx (SSL) ... > Local> SSL\n > Peer> OK (activating_ssl).\n > Establishing SSL connection failed.
Did you perhaps created the second ssl certificate with a newer version of openssl? There seems to be something fishy going on between older openssl generaration of snake-oil certificate and new openssl versions. I had those problems, and I fixed it by generating the certificates on an older platform, and copying that to the new platform. Vice-versa would have worked too, but that meant a lot more work. > I also have this weird situation when I ran #openssl s_client > -connect localhost:30865 > CONNECTED(00000003) > 140546063496872:error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:766: > --- > no peer certificate available > --- > No client certificate CA names sent > --- > SSL handshake has read 7 bytes and written 320 bytes As far as I know you can't connect because csync doesn't use TLS, and it uses SSL after it's own negotiation. Regards, Ard van Breemen _______________________________________________ Csync2 mailing list Csync2@lists.linbit.com http://lists.linbit.com/mailman/listinfo/csync2
