Project

General

Profile

Support #5963

HTTPS server in wthttpd - Error: failed to select ciphers for cipher list

Added by Dennis Muriuki about 5 years ago. Updated about 5 years ago.

Status:
New
Priority:
Normal
Assignee:
Target version:
Start date:
10/02/2017
Due date:
% Done:

0%

Estimated time:

Description

After following the instructions on the Faqs. Am still not able to run my project with https.

This is the command:

oauth.exe ---https-address=0.0.0.0 ---ssl-certificate=server.pem ---ssl-private-key=server.key ---ssl-tmp-dh=dh2048.pem ---ssl-cipherlist='ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:[](aNULL:)eNULL:[](EXPORT:)DES:[](RC4:)MD5:[](PSK:)aECDH:[](EDH-DSS-DES-CBC3-SHA:)EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA' -c wt_config.xml ---docroot .

[2017-Oct-02 17:51:41.582325] 11412 - [info] "config: reading Wt config file: wt_config.xml (location = 'oauth.exe')"

[2017-Oct-02 17:51:41.600337] 11412 - [info] "WServer/wthttp: initializing built-in wthttpd"

[2017-Oct-02 17:51:42.368848] 11412 - [info] "wthttp: starting server: https://0.0.0.0:443"

The cipher error is below:

Error: failed to select ciphers for cipher list 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:[](aNULL:)eNULL:[](EXPORT:)DES:[](RC4:)MD5:[](PSK:)aECDH:[](EDH-DSS-DES-CBC3-SHA:)EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'


Files

cmd log.txt (1.93 KB) cmd log.txt Dennis Muriuki, 10/02/2017 07:37 PM
#1

Updated by Wim Dumon about 5 years ago

Hey,

We pass this cypher list as is to openssl, so openssl doesn't like it. This cypher list may not be compatible with the version of openssl that you use.

Also, I recommend to go to specialized sites for info on this topic. Our FAQ may not adhere to the most up-to-date recommendations.

Best regards,

Wim.

Also available in: Atom PDF