[ipxe-devel] Ubuntu 18.04 libssl1.1 TLS 0x33444
Robin Smidsrød
robin at smidsrod.no
Tue Jun 18 07:01:42 UTC 2019
On 17.06.2019 14.46, mail at localhorst.es wrote:
> after I updated the libssl1.1 package from the official Ubuntu 18.04
> repository, iPXE is unable to connect to the Apache webserver over SSL.
>
> The error messages:
> ipxe: TLS 0x33444 received overlength Handshake
> ipxe: Download of "default.ipxe" failed: Invalid argument
> (http://ipxe.org/1c0de802)
>
> iPXE is compiled with the following command:
> make DEBUG=tls,x509,ocsp bin/undionly.kpxe TRUST=certs.pem
>
> libssl1.1 package information (dpkg -s libssl1.1):
> Package: libssl1.1
> Version: 1.1.1-1ubuntu2.1~18.04.1
>
> Do you have any suggestions so far?
>
> Kind regards,
> Patrick
Most likely your Apache webserver is now using _only_ crypto algorithms
that are unsupported by iPXE. You'll need to configure your web server
to use at least one crypto algorithm combination that is supported by
iPXE. Check the iPXE website for which algorithms are actually supported
and configure your web server to use the strongest one available.
Just FYI, iPXE uses its own crypto algorithms and is not using openssl.
-- Robin
More information about the ipxe-devel
mailing list