Some follow-on information.

I grabbed my Apache configuration for the server 
from https://mozilla.github.io/server-side-tls/ssl-config-generator/
Initially, I tried the "Modern" configuration.

When I switch to the "Intermediate" configuration, it starts working.

I updated my logging on the server to track which protocol & cipher are 
being used, and I see this when I connect from the browser:

TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256

(That's good)


... but I see this if I run "rbt setup-repo" or "rbt post"

TLSv1 DHE-RSA-AES128-SHA


Why is it that rbt uses the older protocol & cipher? I've been advised to 
go run wireshark, and maybe that will provide more insight.


Eric.



On Friday, September 9, 2016 at 10:02:28 AM UTC-7, er...@tibco.com wrote:
>
> The specific, full message is this:
>
> ERROR: Could not reach the Review Board server at ________________: SSL: 
> SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:590)
>
>
> This is not a self-signed certificate. My web browsers all work fine when 
> I connect to the site. When I do this:
>
>
> > python
>
> > import ssl
>
> > ssl.OPENSSL_VERSION
>
> >>> 'OpenSSL 1.0.2h  3 May 2016'
>
>
> I'm sort of at a loss for how to troubleshoot this. I turn on all the 
> debugging and logging I can on the server, and I'm not seeing any 
> additional information.
>
>
> It doesn't look like rbt setup-repo takes any "verbose" options that will 
> clarify the problem.
>
>
> Suggestions?
>
>
> Thanks!
>
>
> Eric.
>

-- 
Supercharge your Review Board with Power Pack: 
https://www.reviewboard.org/powerpack/
Want us to host Review Board for you? Check out RBCommons: 
https://rbcommons.com/
Happy user? Let us know! https://www.reviewboard.org/users/
--- 
You received this message because you are subscribed to the Google Groups 
"reviewboard" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to reviewboard+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to