You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When i setup a default ircd-seven and i connect via ssl, i get: [22:02:33] TLS: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
because the server just doesnt speak ssl yet.
so thats the error mesage openssl gives us,
I think, that was meant in this other Issue about enhancing ssl error reporting.
i would like to present some more help text to the user,
but it seems thats not possible, we cant interpret the error message,
could be anything probably.
or can we? maybe display a list of things to check?
like if the dst port really does speak ssl?
like debug the destination with openssl client -debug -connect
Question 2
We currently set tls_protocols and ciphers and so on, once. Esp. relevant after merge of #185. For all connections the same settings. It may be a good idea, to let different connections have different settings. Like i would need to set SSLv3 for connect to irc server, but i would like to set strict TLSv1.3 only for connect from/to other bots.
What do you think about this? And how should we approach this?
The text was updated successfully, but these errors were encountered:
Question 1
When i setup a default ircd-seven and i connect via ssl, i get:
[22:02:33] TLS: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
because the server just doesnt speak ssl yet.
so thats the error mesage openssl gives us,
I think, that was meant in this other Issue about enhancing ssl error reporting.
i would like to present some more help text to the user,
but it seems thats not possible, we cant interpret the error message,
could be anything probably.
or can we? maybe display a list of things to check?
like if the dst port really does speak ssl?
like debug the destination with openssl client -debug -connect
Question 2
We currently set tls_protocols and ciphers and so on, once. Esp. relevant after merge of #185. For all connections the same settings. It may be a good idea, to let different connections have different settings. Like i would need to set SSLv3 for connect to irc server, but i would like to set strict TLSv1.3 only for connect from/to other bots.
What do you think about this? And how should we approach this?
The text was updated successfully, but these errors were encountered: