ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jacques Le Roux <jacques.le.r...@les7arts.com>
Subject Re: Updating SSL certificate version
Date Sun, 03 Mar 2019 22:23:01 GMT
Hi Mathieu,

Hold on, I think I can help you but not before tomorrow evening

Hopefully someone will beat me on it...

Jacques

Le 03/03/2019 à 19:00, Mathieu Lirzin a écrit :
> Hello,
>
> I am facing a rather annoying issue when using OFBiz trunk on localhost
> which prevents me from using my preferred Web browsers.
>
> The issue is that some of the browsers I use or more precisely the
> library used by those browsers to do the TLS handshake seems to not
> accept the default certificate provided by OFBiz.  Here is the specific
> error I get on Chromium:
>
> --8<---------------cut here---------------start------------->8---
> This site can’t provide a secure connection localhost uses an unsupported protocol.
> ERR_SSL_VERSION_OR_CIPHER_MISMATCH
> Unsupported protocol
> The client and server don't support a common SSL protocol version or cipher suite.
> --8<---------------cut here---------------end--------------->8---
>
> Which is similar to what I have on GNU Icecat (→ Firefox)
>
> --8<---------------cut here---------------start------------->8---
> Secure Connection Failed
>
> An error occurred during a connection to localhost:8443. Cannot communicate securely
with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP
>
>      The page you are trying to view cannot be shown because the authenticity of the
received data could not be verified.
>      Please contact the website owners to inform them of this problem.
> --8<---------------cut here---------------end--------------->8---
>
> I am using a rather exotic GNU/Linux distribution which is GuixSD so it
> might be difficult for any of you to reproduce the issue. However my
> guess is that the format of the OFBiz certificate is considered outdated
> on my machine.  As a consequence I would like to try to upgrade that
> certificate to a more recent format version.  Unfortunately I don't know
> much about SSL/TLS and in particular I don't know what is the proper way
> to regenerate the OFBiz certificate.
>
> The README in “framework/base/config/” mentions the details of that
> certificate but does not mention the command which has been used to
> generate it.  Does anyone know how I could achieve the regeneration of
> tha certificate?
>
> Thanks.
>

Mime
View raw message