search

OCSInventory-NG / WindowsAgent

OCS Inventory NG Agent for Windows
http://www.ocsinventory-ng.org/
Other
153 stars 79 forks source link

SSL peer certificate was not OK - elliptic curve cert #229

Open multiflexi opened 2 years ago

multiflexi commented 2 years ago

General information

Operating system : Windows 10 21H1

OCS Inventory information

Windows agent version : 2.8.0

Problem's description

I am using secp384r1 private key for TLS. The agent has access to the certificate, but fails to communicate with the server. It works well on Ubuntu 20.04 and macOS 11.6.1, both agents version 2.8.0. The cacert.pem file includes the whole chain of certificates.

Inventory log file ( Windows )

Starting OCS Inventory Agent on Monday, November 15, 2021 16:04:26.
AGENT => Running OCS Inventory Agent Version 2.8.0.0
AGENT => Using OCS Inventory FrameWork Version 2.8.0.0
AGENT => Loading plug-in(s)
AGENT => Using network connection with Communication Server
AGENT => Using Communication Provider <OCS Inventory cURL Communication Provider> Version <2.8.0.0>
AGENT => Sending Prolog
ERROR *** AGENT => Failed to send Prolog <SSL peer certificate or SSH remote key was not OK>
AGENT => Unloading communication provider
AGENT => Unloading plug-in(s)
AGENT => Execution duration: 00:00:00.
StCyr commented 2 years ago

We have such an issue too with 1 of our agent. I don't know which ciphersuite we're using though