[ipxe-devel] https with letsencrypt certificate

Tamas Baumgartner-Kis tbk-ipxe at yals.de
Thu Oct 4 18:29:20 UTC 2018


ok this is because I used hiawatha as the webserver and hiawatha is very
conservative with the ssl cipher.

I tried lighttpd with the intermediate profile from : 


lighttpd 1.4.50 | intermediate profile | OpenSSL 1.0.1e | 
Oldest compatible clients : Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1,
Windows XP IE8, Android 2.3, Java 7


ssl.cipher-list           =


with this ssl cipher setup its working fine out of the box with a letsencrypt


On 03/10/18 at 02:59pm, Tamas Baumgartner-Kis wrote:
>I try to set up https for ipxe but I fail with the DEBUG=tls error:
>TLS 0x865b0228 received fatal alert 40
>and PXE error:
>Operation not permitted (http://ipxe.org/410de18f)
>I enable the HTTPS protocol.
>My webserver uses a letsencrypt certificate and when I understand the instruction
>in https://ipxe.org/crypto:
>>In the default configuration, iPXE will [...] automatically trust the same set
>>of certificates as the Firefox web browser.
>this should work because Firefox trust the "DST ROOT CA X3" (letsencrypt)
>    Tamas

>ipxe-devel mailing list
>ipxe-devel at lists.ipxe.org

More information about the ipxe-devel mailing list