0
Under review
Custom SSL problems
Trying to use a real ssl certificate with ajenti, I have the private key, site certificate, intermidiate and root certificates which I use fine on apache, but when trying to combine into a single pem for ajenti to use the website is always unavailable with this error appearing in the logs
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/gevent/greenlet.py", line 327, in run
result = self._run(*self.args, **self.kwargs)
File "/usr/lib/python2.7/dist-packages/gevent/server.py", line 102, in wrap_socket_and_handle
ssl_socket = self.wrap_socket(client_socket, **self.ssl_args)
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 383, in wrap_socket
ciphers=ciphers)
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 94, in __init__
self.do_handshake()
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 305, in do_handshake
return self._sslobj.do_handshake()
SSLError: [Errno 1] _ssl.c:510: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
<Greenlet at 0x7f816fe35eb0: <bound method SocketIOServer.wrap_socket_and_handle of <SocketIOServer at 0x7f816f7fca50 fileno=8 address=0.0.0.0:8000>>(<socket at 0x7f816f674210 fileno=12 sock=178.62.19, ('82.7.176.154', 55731))> failed with SSLError
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/gevent/greenlet.py", line 327, in run
result = self._run(*self.args, **self.kwargs)
File "/usr/lib/python2.7/dist-packages/gevent/server.py", line 102, in wrap_socket_and_handle
ssl_socket = self.wrap_socket(client_socket, **self.ssl_args)
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 383, in wrap_socket
ciphers=ciphers)
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 94, in __init__
self.do_handshake()
File "/usr/lib/python2.7/dist-packages/gevent/ssl.py", line 305, in do_handshake
return self._sslobj.do_handshake()
SSLError: [Errno 1] _ssl.c:510: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
<Greenlet at 0x7f816fe35eb0: <bound method SocketIOServer.wrap_socket_and_handle of <SocketIOServer at 0x7f816f7fca50 fileno=8 address=0.0.0.0:8000>>(<socket at 0x7f816f674210 fileno=12 sock=178.62.19, ('82.7.176.154', 55731))> failed with SSLError
Customer support service by UserEcho
priv.key
domain.crt
intermediate.pem
root.pem
but alas, no luck, I'll go and post on startssl and see if they've got a tool for combining it, is it possible the ssl engine in python can't handle it for some reason?
The `no shared cipher` bit is strange.
If I get ajenti running with the generated unsigned cert can I configure nginx from within it to host it? Sounds a bit dodgy