[ipxe-devel] Error 410de18f
Michael Brown
mcb30 at ipxe.org
Sat Aug 1 14:22:32 UTC 2015
On 01/08/15 05:46, Beima, Charlie wrote:
> I have iPXE working using “chain https://boot.ipxe.org/demo/boot.php”,
> but when I try it on my site I get the following:
>
> iPXE> chain https://economics.indiana.edu/boot
>
> https://economics.indiana.edu/boot... Operation not permitted
> (http://ipxe.org/410de18f)
>
> iPXE>
>
> The http://ipxe.org/err/410de1 error seems to indicate a TLS problem.
> I’m using https://rom-o-matic.eu/ to build a x64 EFI image with HTTPS
> added. The site uses a wildcard certificate. I would troubleshoot it
> more but I can’t figure out how to enable debugging to the console.
I've tried fetching from your HTTPS URL using iPXE. The server is
rejecting the connection with a "Handshake Failure" alert immediately
upon receiving the ClientHello (which is the first message sent in an
HTTPS connection).
If I downgrade iPXE to use TLSv1.1 instead of TLSv1.2, the server does
not reject the connection. However, the server is happy to negotiate
TLSv1.2 with other clients.
I have not identified precisely what it is about iPXE's ClientHello that
the server does not like. Could you check the server logs (and increase
the server log level if necessary) to find out what is causing the error?
Thanks,
Michael
More information about the ipxe-devel
mailing list