New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

axtls doesn't support DHE or ECDHE ciphers (ssl_handshake_status: -40 error) #3198

Open
kannan95 opened this Issue Jul 7, 2017 · 3 comments

Comments

Projects
None yet
3 participants
@kannan95

kannan95 commented Jul 7, 2017

When i tried to send a POST request to this URL https://www.terasyshub.io/api/v1/data I'm getting ssl_handshake_status: -40 error. I have tried flashing all the latest builds including today's build. But still getting the same error. I have ran the test script from #3150 with including my URL, the output I'm getting was this

google.com ok
www.google.com ok
api.telegram.org ok
www.terasyshub.io/api/v1/data OSError(-2,)
w9rybpfril.execute-api.ap-southeast-2.amazonaws.com ok

The url I included only throwing error.

@dpgeorge

This comment has been minimized.

Contributor

dpgeorge commented Jul 8, 2017

According to https://www.ssllabs.com/ssltest/ the server www.terasyshub.io only allows DHE and ECDHE ciphers and axtls doesn't support either of these, so the unix and esp8266 ports won't be able to connect to this server.

If you have access to the terasyshub.io server then you can enabled other ciphers to get it to work. An alternative solution is to convert unix and esp8266 to use mbedtls.

@kannan95

This comment has been minimized.

kannan95 commented Jul 8, 2017

What ciphers can I use instead of DHE and ECDHE? Can you provide the ciphers which supports in axtls and esp8266. I should able to send POST request to the server, the cipher suite should work. Can i use the cipher suite suggested in https://github.com/igrr/axtls-8266 ?

An alternative solution is to convert unix and esp8266 to use mbedtls.

I have no clue what you said here. Can you guide me how to convert unix and esp8266 to use mbedtls?

@pfalcon

This comment has been minimized.

Member

pfalcon commented Jul 8, 2017

What ...

You should refer to axTLS site/documentation to find answers to such questions. http://axtls.sourceforge.net/

@dpgeorge dpgeorge changed the title from ssl_handshake_status: -40 error to axtls doesn't support DHE or ECDHE ciphers (ssl_handshake_status: -40 error) Jul 9, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment