FliesLikeABrick
commented
5 years ago Hi @aaron-hall-7 - can you provide some steps to reproduce this symptom/issue, maybe even including an nginx or apache server configuration that causes this issue?
Closed therealahall closed 5 years ago
FliesLikeABrick
commented
5 years ago Hi @aaron-hall-7 - can you provide some steps to reproduce this symptom/issue, maybe even including an nginx or apache server configuration that causes this issue?
therealahall
commented
5 years ago Hah, I wrote up a massive response detailing all of this out only to find out I was using an incorrect cipher. Thanks for your help @FliesLikeABrick. I'm closing this one out.
FliesLikeABrick
commented
5 years ago @aaron-hall-7 what was the incorrect cipher? I might want to patch it to handle that more gracefully, even if it is user error
therealahall
commented
5 years ago @FliesLikeABrick I was using this one: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 but I can't remember what list I got that from.
Here's what bwmg output: Bee 0 lost sight of the target (connection timed out running ab).
Here's the output that ab gave me from the server: error setting cipher list [TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384] 140635655923584:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:../ssl/ssl_lib.c:2129:
Switching to EECDH+AES128 worked and gave me back response codes as expected.
Everything seems to be running well when running it normally, I'm able to get a response back from my bees, I'm getting valid response codes, however, I tested this against a site that didn't allow TLSV1.0 so it was failing the handshake. So I tried running with -Z and then a cipher name that meets the criteria of the site, but now I'm receiving the error connection timed out running ab. I tried ssh'ing into the server and verifying that apache2-utils is installed, and ab seems to be able to be run on the servers, so I'm not sure what else could be wrong here.