![]() That should update mono to 3.10 (or newer) (which looks older than the stock ubuntu package, but apparently the decimal system doesn’t mean anything in versioning… 3.10 is > 3.2 believe it or not… Sudo add-apt-repository ppa:inizan-yannick/mono Ok… just to close the loop on this a little bit… I ended up NOT having to build mono from source… I found a repository that has up to date mono releases built… I did jump through some hoops before I found this out, so what I’m outlining below isn’t the exact process I went through… but it is what I think will work for someone else if anyone is having SSL troubles w/ nzbdrone. I just noticed that SslCertHash tag in there… what populates that? Perhaps that’s what I’m missing! (sab/couchpotato/nzbget/etc)ītw, my nzbdrone config.xml file looks like this: They are free and work great w/ every other software I’ve thrown them at on this same machine. Unfortunately, the openssl command output remained the same as my previous post…ĭid I misunderstand you? Did I miss a necessary step? I sure hope so!ītw, this cert is a signed cert. ![]() $ httpcfg -add -port 9898 -pvk server.pvk -cert server.certĪs you can see, the thumbprints remained the same before and after. Then I copied server.pvk back onto the Linux machine and ran mono’s $ httpcfg -list That essentially turned a base64 key into a binary key… I don’t think the original one had a password on it. On a windows box: pvk -in server.key -topvk -nocrypt -out server.pvk Thanks for the suggestions… I’ve done the following, and unfortunately, no change occurred. Running that same openssl command on another port on my box that uses the same SSL cert, and the output is MUCH different… streaming the certificate, and cert description, TLSv1.2, etc… Something is wonky with nzbdrone… Perhaps TLSv1 isn’t supported anymore… SSL handshake has read 7 bytes and written 0 bytes This was interesting output… 9898 is my nzbdrone SSL port now… I swapped it… 8989 is non-ssl… This is what openssl has to say about it, even though Chrome can access it just fine… though it does pop up a cert auth box… # openssl s_client -host -port 9898ġ39875413264032:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: So, my long winded question is, what is causing the failure, and how can I use SSL w/o errors? And a side question of how I can either utilize or silence the certificate authentication pop up of nzbDrone. If I switch nzbToMedia in NZBGET to NOT utilize SSL for nzbdrone (and switch to the other non-ssl port), then the post processing script seems to work. I typically hit cancel at that screen and then it prompts me for HTTP basic authentication. However, when I load up in Chrome, it happily connects but prompts me with a “Select a certificate” pop up. ![]() Unknown SSL protocol error in connection to :9898Ĭurl: (35) Unknown SSL protocol error in connection to :9898.SSLv3, TLS handshake, Client hello (1):.successfully set certificate verify locations:.NzbToMedia commit c7d4160a06333aa99ebbefeacc0780dc7c84ec99 (latest one)Ĭurl test output from the local machine, and resolves to the eth0 IP address, which nzbdrone is listening on: I SUSPECT it may be because nzbdrone appears to attempt to do a certificate level authentication process… or perhaps because the python SSL code doesn’t trust my StartCom SSL key… I tried modifying the code to not verify the SSL cert, but that doesn’t seem to help… and testing with curl (w/ -k to ignore the untrusted cert) seems to throw a connection failure message too. I am having difficulties getting nzbToMedia talk properly to my SSL enabled nzbdrone port… It says it has trouble connecting to it.
0 Comments
Leave a Reply. |