[ipxe-devel] Error 410de18f

Michael Brown mcb30 at ipxe.org
Sat Aug 1 14:22:32 UTC 2015

On 01/08/15 05:46, Beima, Charlie wrote:
> I have iPXE working using “chain https://boot.ipxe.org/demo/boot.php”,
> but when I try it on my site I get the following:
> iPXE> chain https://economics.indiana.edu/boot
> https://economics.indiana.edu/boot... Operation not permitted
> (http://ipxe.org/410de18f)
> iPXE>
> The http://ipxe.org/err/410de1 error seems to indicate a TLS problem.
> I’m using https://rom-o-matic.eu/ to build a x64 EFI image with HTTPS
> added. The site uses a wildcard certificate. I would troubleshoot it
> more but I can’t figure out how to enable debugging to the console.

I've tried fetching from your HTTPS URL using iPXE.  The server is 
rejecting the connection with a "Handshake Failure" alert immediately 
upon receiving the ClientHello (which is the first message sent in an 
HTTPS connection).

If I downgrade iPXE to use TLSv1.1 instead of TLSv1.2, the server does 
not reject the connection.  However, the server is happy to negotiate 
TLSv1.2 with other clients.

I have not identified precisely what it is about iPXE's ClientHello that 
the server does not like.  Could you check the server logs (and increase 
the server log level if necessary) to find out what is causing the error?



More information about the ipxe-devel mailing list