[Epoptes] [Question #206372]: Epoptes fails after update....certificate issue

David Trask Mon, 20 Aug 2012 18:55:38 -0700

New question #206372 on Epoptes:
https://answers.launchpad.net/epoptes/+question/206372


Hi!

I ran some updates today to my Edubuntu server (had everything working 
fine)....now it's broken :-(   

I was unable to see any of the clients unless they were logged in....so I 
figured something was amiss in the chroot....so I ran epoptes-client -c....and 
it failed.  I tried uninstalling and reinstalling epoptes-client....no go.  In 
the chroot, I get this: 

epoptes-client -c
4147701960:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown 
protocol:s23_clnt.c:749:
epoptes-client ERROR: Failed to fetch certificate from localhost:789

I ran a set of commands you pointed out to someone else in launchpad....see 
below.  I'm open to any help you can give...it was working beautifully...I had 
wake-on-lan...and everything working....*sigh*....hope you can help  :-)

root@edubuntu-server:/# cat /proc/sys/kernel/random/entropy_avail
cat: /proc/sys/kernel/random/entropy_avail: No such file or directory
root@edubuntu-server:/# gnutls-cli-debug -p 789 -d 3 -V localhost
Resolving 'localhost'...
Connecting to '127.0.0.1:789'...
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_ARCFOUR_40_MD5
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [57 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking for SSL 3.0 support... no
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_AES_128_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_AES_128_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_AES_128_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_AES_128_CBC_SHA1
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking whether %COMPAT is required... yes
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_ARCFOUR_40_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [64 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking for TLS 1.0 support... no
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking for TLS 1.1 support... no
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking fallback from TLS 1.1 to... failed
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [62 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking for TLS 1.2 support... no
|<2>| ASSERT: gnutls_constate.c:695
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_RSA_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: DHE_DSS_ARCFOUR_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_3DES_EDE_CBC_SHA1
|<3>| HSK[0x837e8a8]: Removing ciphersuite: ANON_DH_ARCFOUR_MD5
|<3>| HSK[0x837e8a8]: Keeping ciphersuite: RSA_EXPORT_ARCFOUR_40_MD5
|<2>| EXT[0x837e8a8]: Sending extension SAFE RENEGOTIATION (1 bytes)
|<3>| HSK[0x837e8a8]: CLIENT HELLO was sent [64 bytes]
|<2>| ASSERT: gnutls_record.c:538
|<2>| ASSERT: gnutls_record.c:995
|<2>| ASSERT: gnutls_handshake.c:2762
Checking whether we need to disable TLS 1.0... yes

Server does not support any of SSL 3.0, TLS 1.0 and TLS 1.1

Thanks!

David Trask

-- 
You received this question notification because you are a member of
Epoptes Developers, which is an answer contact for Epoptes.

-- 
Mailing list: https://launchpad.net/~epoptes
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~epoptes
More help   : https://help.launchpad.net/ListHelp

[Epoptes] [Question #206372]: Epoptes fails after update....certificate issue

Reply via email to