Closed ampledata closed 2 years ago
You may encounter the following bug when running a pytak based tool with TLS enabled:
ssl.SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1056)
This is possibly due to a TLS Cipher Suite mismatch between the client (in this case, pytak or a pytak-based tool) and the server.
A work-around is available by allowing all Cipher Suites by setting the following environment variable:
export PYTAK_TLS_CLIENT_CIPHERS=ALL
You can enable this inline by pre-pending your command, for example:
PYTAK_TLS_CLIENT_CIPHERS=ALL adsbxcot ...
Or, if you're using a systemd config:
Environment=PYTAK_TLS_CLIENT_CIPHERS=ALL
For reference, the default Cipher Suite is:
DEFAULT_FIPS_CIPHERS: str = "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384"
See: https://github.com/ampledata/pytak/blob/main/pytak/constants.py#L32
You may encounter the following bug when running a pytak based tool with TLS enabled:
This is possibly due to a TLS Cipher Suite mismatch between the client (in this case, pytak or a pytak-based tool) and the server.
A work-around is available by allowing all Cipher Suites by setting the following environment variable:
You can enable this inline by pre-pending your command, for example:
Or, if you're using a systemd config:
For reference, the default Cipher Suite is:
See: https://github.com/ampledata/pytak/blob/main/pytak/constants.py#L32