[ipxe-devel] TLS error "Operation not permitted 410de13c"
Roman Gorshunov
paye600 at gmail.com
Thu May 31 19:00:39 UTC 2018
Hello,
First of all I wanted to thank all iPXE developers for the great
software you write. It saves tens of hours of work on server installs.
Kernel and initrd files served via HTTPS by JFrog Artifactory running
in docker/kubernetes. Service is proxied by ingress controller
(nginx). SSL certificate is valid, but iPXE prints an error and does
not load files:
TLS 0xf7074 received fatal alert 40
Operation not permitted (http://ipxe.org/410de13c)
Would you be able to help, please?
Additional information:
- curl, wget, browsers work without any problems
- server negotiates TLS 1.2 only
- server sends 3 certificates in a chain (2 intermediate from
authorities, and our certificate)
- openssl s_client by default gets untrusted "Kubernetes Ingress
Controller Fake Certificate" from ingress controller (nginx)
- openssl s_client with "-servername" option gets correct verifiable
certificate chain (SNI?)
Thank you in advance!
Best regards,
--
Roman Gorshunov
More information about the ipxe-devel
mailing list