Support #5963: HTTPS server in wthttpd - Error: failed to select ciphers for cipher list - Wt - Redmine

Actions

Copy link

Support #5963

open

HTTPS server in wthttpd - Error: failed to select ciphers for cipher list

Added by Dennis Muriuki over 6 years ago. Updated over 6 years ago.

Status:

New

Priority:

Normal

Assignee:

Wim Dumon

Target version:

3.3.8

Start date:

10/02/2017

Due date:

% Done:

Estimated time:

Description

After following the instructions on the Faqs. Am still not able to run my project with https.

This is the command:

oauth.exe ---https-address=0.0.0.0 ---ssl-certificate=server.pem ---ssl-private-key=server.key ---ssl-tmp-dh=dh2048.pem ---ssl-cipherlist='ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:[](aNULL:)eNULL:[](EXPORT:)DES:[](RC4:)MD5:[](PSK:)aECDH:[](EDH-DSS-DES-CBC3-SHA:)EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA' -c wt_config.xml ---docroot .

[2017-Oct-02 17:51:41.582325] 11412 - [info] "config: reading Wt config file: wt_config.xml (location = 'oauth.exe')"

[2017-Oct-02 17:51:41.600337] 11412 - [info] "WServer/wthttp: initializing built-in wthttpd"

[2017-Oct-02 17:51:42.368848] 11412 - [info] "wthttp: starting server: https://0.0.0.0:443"

The cipher error is below:

Error: failed to select ciphers for cipher list 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:[](aNULL:)eNULL:[](EXPORT:)DES:[](RC4:)MD5:[](PSK:)aECDH:[](EDH-DSS-DES-CBC3-SHA:)EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'

Files

cmd log.txt (1.93 KB) cmd log.txt

Dennis Muriuki, 10/02/2017 07:37 PM

Actions

Copy link

Updated by Wim Dumon over 6 years ago

Hey,

We pass this cypher list as is to openssl, so openssl doesn't like it. This cypher list may not be compatible with the version of openssl that you use.

Also, I recommend to go to specialized sites for info on this topic. Our FAQ may not adhere to the most up-to-date recommendations.

Best regards,

Wim.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Wt

Support #5963

HTTPS server in wthttpd - Error: failed to select ciphers for cipher list

Updated by Wim Dumon over 6 years ago