aktualizr icon indicating copy to clipboard operation
aktualizr copied to clipboard

Published 20 hours ago verified publisher icon advancedtelematic

Is aktualizr using TLS 1.3

Open Moeed148a opened this issue 1 year ago • 2 comments

I have update the ngnix version in the docker compose file in the ota-community-edition https://github.com/uptane/ota-community-edition/blob/v2/ota-ce.yaml

Now when i try to connect the aktualizr to the ota-community-edition server. It shows the following error. Kindly help me.

TCP_NODELAY set​

  • Connected to ota.ce (127.0.0.1) port 30443 (#1)​

  • ALPN, offering http/1.1​

  • successfully set certificate verify locations:​

  • CAfile: /tmp/aktualizr-5985-3051-b8cd-db04/33f6-35cf-tls-ca​

CApath: /etc/ssl/certs​

  • error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure​

  • stopped the pause stream!​

  • Closing connection 1​

curl error 35 (http code 0): SSL connect error​

  • Hostname ota.ce was found in DNS cache

Moeed148a avatar Jun 18 '23 01:06 Moeed148a

Because the nginix server is running on the TLS 1.3. The link for ngnix docker file is below

https://hub.docker.com/r/openquantumsafe/nginx

Moeed148a avatar Jun 18 '23 01:06 Moeed148a

I don't believe aktualizr specifies a TLS version, so this depends on other dependencies. However, see also https://github.com/uptane/aktualizr/issues/83.

FWIW I strongly recommend using the Uptane version of this repo, as it includes many fixes not present in this version.

pattivacek avatar Jun 21 '23 08:06 pattivacek