Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

ssl-session protocol and cipher : handshake failure

  • 1 odgovor
  • 3 ima ovaj problem
  • 2 views
  • Posljednji odgovor poslao Dan33l

more options

Hi,

I modified a settings on my printer about security access. Then i am locked out. I get this message when i try to use the admin webpage : "Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP"

Some details bellow , hope it will help :

openssl s_client -connect xx.xx.xx.xx:443 -showcerts CONNECTED(00000003) depth=0 C = GB, CN = KM4CA1E7 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = GB, CN = KM4CA1E7 verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain

0 s:/C=GB/CN=KM4CA1E7
  i:/C=GB/CN=KM4CA1E7

BEGIN CERTIFICATE-----

MIICJzCCAZCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAgMQswCQYDVQQGEwJHQjER MA8GA1UEAwwIS000Q0ExRTcwHhcNMTcwNDExMTAwMDU1WhcNMjIwNDExMTAwMDU1 WjAgMQswCQYDVQQGEwJHQjERMA8GA1UEAwwIS000Q0ExRTcwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALax4qd3TTxiivLHc1oC2xWTw3aRTV1TTxb4tjaMz+Xg 5BMQWn+cCK0EmpUJbkhZAksudGX6juyKX2lYZBBJ39p56LE9B5t8hSnAg0LAXCTT VpAONBKoU7pwTgkCq6LXUKvtccB6941WhYB3Bh5iLOyhVO0jI2nbh4XjwzIcTBD/ AgMBAAGjcTBvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW BBQEckM2nQx5aXSZ+TtHUoX43UEgsTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwEQYJYIZIAYb4QgEBBAQDAgbAMA0GCSqGSIb3DQEBCwUAA4GBAEVOyueU xu2wpxCs4h7kNXc50HKY+GOQtvuAWaAeSnjNivWVmXKljsu4aSYuwZwhvuey5IQX r5CUpWug/fBEvwb8CCravmIugKvv7xOunCUPf3WGkFAz/P/clea6eFQ01mz1eONO lLjjjpJHqhnTb60d6pTjK+Iq0QUJifNhHHq/


END CERTIFICATE-----

--- Server certificate subject=/C=GB/CN=KM4CA1E7 issuer=/C=GB/CN=KM4CA1E7 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1137 bytes and written 487 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session:

   Protocol  : TLSv1.2
   Cipher    : ECDHE-RSA-AES256-SHA384
   Session-ID: 81AC9E655A2B295AEF81080B0FBDF5A57F889FF9714EF2CC0FEB57D8FC7C64C1
   Session-ID-ctx: 
   Master-Key: 0C9717689368440A8E5DC97062096C529C69716955C4A497C39F68496312E05E7FFBDEC09960E7997810B6C96C52EA5F
   Key-Arg   : None
   PSK identity: None
   PSK identity hint: None
   SRP username: None
   TLS session ticket lifetime hint: 300 (seconds)
   TLS session ticket:
   0000 - 28 a3 58 c7 20 42 c6 6b-ac 58 c2 48 5d 52 b9 ab   (.X. B.k.X.H]R..
   0010 - 11 78 d6 cc 86 6e 3d 6a-cb 9f aa 64 ff 69 2c f0   .x...n=j...d.i,.
   0020 - 33 f3 c3 42 40 9c d1 d3-77 71 c5 d8 db b8 c6 35   3..B@...wq.....5
   0030 - 5a 66 a8 79 28 c8 ce 79-b6 94 1a 8c a6 a5 f9 8f   Zf.y(..y........
   0040 - 4b 2c 9a 72 cf 2d e8 63-4c 83 87 ea b3 4c ef 1e   K,.r.-.cL....L..
   0050 - 24 ec 88 f1 44 1b 4e 90-d1 45 49 4c 2a 59 f0 a7   $...D.N..EIL*Y..
   0060 - 5a 49 a6 8e 15 b5 d9 d2-1c cf 79 aa ba 58 60 f7   ZI........y..X`.
   0070 - a8 a5 a0 65 ee 29 ee 28-fa d1 67 d8 f5 f5 e2 a7   ...e.).(..g.....
   0080 - 5a ec 79 7e 6d 78 ac 15-8c 68 09 12 d8 43 2c 54   Z.y~mx...h...C,T
   0090 - a7 12 23 21 55 12 2e 54-88 27 7b 82 dd 61 7e d2   ..#!U..T.'{..a~.
   Start Time: 1502096691
   Timeout   : 300 (sec)
   Verify return code: 21 (unable to verify the first certificate)

--- HTTP/1.1 408 Request Time-Out Connection: Close Accept-Encoding: identity

read:errno=0

Hi, I modified a settings on my printer about security access. Then i am locked out. I get this message when i try to use the admin webpage : "Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP" Some details bellow , hope it will help : openssl s_client -connect xx.xx.xx.xx:443 -showcerts CONNECTED(00000003) depth=0 C = GB, CN = KM4CA1E7 verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = GB, CN = KM4CA1E7 verify error:num=21:unable to verify the first certificate verify return:1 --- Certificate chain 0 s:/C=GB/CN=KM4CA1E7 i:/C=GB/CN=KM4CA1E7 -----BEGIN CERTIFICATE----- MIICJzCCAZCgAwIBAgIBATANBgkqhkiG9w0BAQsFADAgMQswCQYDVQQGEwJHQjER MA8GA1UEAwwIS000Q0ExRTcwHhcNMTcwNDExMTAwMDU1WhcNMjIwNDExMTAwMDU1 WjAgMQswCQYDVQQGEwJHQjERMA8GA1UEAwwIS000Q0ExRTcwgZ8wDQYJKoZIhvcN AQEBBQADgY0AMIGJAoGBALax4qd3TTxiivLHc1oC2xWTw3aRTV1TTxb4tjaMz+Xg 5BMQWn+cCK0EmpUJbkhZAksudGX6juyKX2lYZBBJ39p56LE9B5t8hSnAg0LAXCTT VpAONBKoU7pwTgkCq6LXUKvtccB6941WhYB3Bh5iLOyhVO0jI2nbh4XjwzIcTBD/ AgMBAAGjcTBvMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMB0GA1UdDgQW BBQEckM2nQx5aXSZ+TtHUoX43UEgsTAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwEQYJYIZIAYb4QgEBBAQDAgbAMA0GCSqGSIb3DQEBCwUAA4GBAEVOyueU xu2wpxCs4h7kNXc50HKY+GOQtvuAWaAeSnjNivWVmXKljsu4aSYuwZwhvuey5IQX r5CUpWug/fBEvwb8CCravmIugKvv7xOunCUPf3WGkFAz/P/clea6eFQ01mz1eONO lLjjjpJHqhnTb60d6pTjK+Iq0QUJifNhHHq/ -----END CERTIFICATE----- --- Server certificate subject=/C=GB/CN=KM4CA1E7 issuer=/C=GB/CN=KM4CA1E7 --- No client certificate CA names sent Peer signing digest: SHA512 Server Temp Key: ECDH, P-256, 256 bits --- SSL handshake has read 1137 bytes and written 487 bytes --- New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-SHA384 Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.2 Cipher : ECDHE-RSA-AES256-SHA384 Session-ID: 81AC9E655A2B295AEF81080B0FBDF5A57F889FF9714EF2CC0FEB57D8FC7C64C1 Session-ID-ctx: Master-Key: 0C9717689368440A8E5DC97062096C529C69716955C4A497C39F68496312E05E7FFBDEC09960E7997810B6C96C52EA5F Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None TLS session ticket lifetime hint: 300 (seconds) TLS session ticket: 0000 - 28 a3 58 c7 20 42 c6 6b-ac 58 c2 48 5d 52 b9 ab (.X. B.k.X.H]R.. 0010 - 11 78 d6 cc 86 6e 3d 6a-cb 9f aa 64 ff 69 2c f0 .x...n=j...d.i,. 0020 - 33 f3 c3 42 40 9c d1 d3-77 71 c5 d8 db b8 c6 35 3..B@...wq.....5 0030 - 5a 66 a8 79 28 c8 ce 79-b6 94 1a 8c a6 a5 f9 8f Zf.y(..y........ 0040 - 4b 2c 9a 72 cf 2d e8 63-4c 83 87 ea b3 4c ef 1e K,.r.-.cL....L.. 0050 - 24 ec 88 f1 44 1b 4e 90-d1 45 49 4c 2a 59 f0 a7 $...D.N..EIL*Y.. 0060 - 5a 49 a6 8e 15 b5 d9 d2-1c cf 79 aa ba 58 60 f7 ZI........y..X`. 0070 - a8 a5 a0 65 ee 29 ee 28-fa d1 67 d8 f5 f5 e2 a7 ...e.).(..g..... 0080 - 5a ec 79 7e 6d 78 ac 15-8c 68 09 12 d8 43 2c 54 Z.y~mx...h...C,T 0090 - a7 12 23 21 55 12 2e 54-88 27 7b 82 dd 61 7e d2 ..#!U..T.'{..a~. Start Time: 1502096691 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) --- HTTP/1.1 408 Request Time-Out Connection: Close Accept-Encoding: identity read:errno=0

All Replies (1)

more options

The printer looks buggy. It disabled more than admin interface said.

For me it is solved so.