Maria Hrabosova writes: > 2022-02-03 08:05:04.134 INFO [kea-ctrl-agent.http/7518.139986295949504] > HTTP_CONNECTION_HANDSHAKE_FAILED TLS handshake with 192.168.1.42 failed > with no shared cipher
The "no shared cipher" error from OpenSSL can come from many reasons but all are about incompability between OpenSSL defaults and the Stork PKI. If you do not want to simply create a simple PKI and import certificates from it in Stork and Kea, I suggest: - dump the certificates in order to understand what crypto they use - get the OpenSSL build configuration, in particular for "new" crypto if the OpenSSL library version is old - dump the handshake messages on the wire: they are in clear text Regards Francis Dupont <[email protected]> -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/kea-users
