Packet Size Too Big - Githubissues

metaregistrar / php-epp-client

Object-oriented PHP EPP Client

https://www.metaregistrar.com/docs/

MIT License

210 stars 155 forks source link

Packet Size Too Big #185

Closed swartjie closed 4 years ago

swartjie commented 5 years ago

Hey Guys,

I am running into a bit of a wall... I am trying to connect to the COZA OT&E server with MetaRegistrar, but I keep running into the same issue...

If I add ssl:// to the url, the connection is refused, error code 0... When I remove ssl:// the stream is opened, but I then get an error message Packet size is too big: 352518908. Closing connection

What would be the issue there though? How can I solve it? This EPP has been driving me insane for a while...

swartjie commented 5 years ago

This did pop up in the debug logs on the server... Don't know if it helps...

./fms-debug.log:19 Apr 2019 20:48:37,210 SID: ID: RAR: DEBUG Connection accepted from sv2.xxxxxxx.tld/129.232.xxx.xxx on port 53434 ./fms-debug.log:19 Apr 2019 20:48:47,005 SID:D9CB1 ID: RAR: DEBUG Sending Greeting to 'EPP-#29966--D2BB1-sv2.xxxxxxx.tld/129.232.xxx.xxx:3121' ./fms-debug.log:19 Apr 2019 20:48:47,006 SID:D9CB1 ID: RAR: WARN SSLException occurred while listening to 'sv2.xxxxxxx.tld/129.232.xxx.xxx': Connection has been shutdown: javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?

metaregistrar commented 5 years ago

With ssl:// is the correct setting. Our settings to ZACR look like this:

interface=cozaEppConnection
hostname=ssl://epp.coza.net.za
port=3121
userid=xxxxxx
password=xxxxxxx
certificatefile=settings/coza/mtrepp.pem

So please make sure that you have uploaded a valid public key on the registry website https://portal.registry.net.za. That public key must match the information given in 'certificatefile'. The manual for ZACR tells you all about how to connect.

metaregistrar commented 5 years ago

Oh, and one other thing - if your server is on IPv6, please make sure that your IPv6 address is added to the whitelist. This one took me a long time, because sometime our server would connect, and some times it would not - found out that in some cases the connection was made over IPv4, and in other cases over IPv6.

swartjie commented 5 years ago

We don't use IPv6, so that would not be the issue, and our live connection is fine, running 100%... The issue is with the OT&E server, we cannot get connected to that server at all, with or without SSL

maartenschalekamp commented 3 years ago

@swartjie have you managed to resolve your issue?

swartjie commented 3 years ago

Hey @maartenschalekamp yeah, I was able to solve it. We just had to spesify the ssl:// in front of the URL :)

maartenschalekamp commented 3 years ago

Thank you @swartjie - I have found that I needed to disable VerifyPeerName as the hostname does not match the certificate common name provided.