Felix Quei?ner <felix at masterq32.de> writes: >> Unfortunately, I can't access cozylabs.eu using the `openssl s_client` tool, >> or actually any gemini browser, including AV-98: the error there is "ERROR: >> [SSL: UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS] unable to find public key >> parameters (_ssl.c:1108)". >> >> This makes me think it's an error with the server, as opposed to the ED22519 >> key; I'd love to try another server with this type of certificate for testing. > Using Kristall works and it's blazingly fast, seems to be a correct > server configuration Works fine in elpher, too. It actually works for me in AV-98 and openssl s_client, though, so this may be dependent on OpenSSL version? I have openssl-1.1.1g installed, but I understand there are lots of systems out there still on 1.0.x. (Note: this is a big reason why it's hard to do the "limit to TLS 1.3 or 1.2 with good cyphers: the wide use of ancient OpenSSL versions. It's also why Germinal doesn't actually forbid TLS 1.1 connections: the method for doing so has changed between OpenSSL 1.0 and 1.1, and the library I'm using doesn't support the 1.1 method.) -- +-----------------------------------------------------------+ | Jason F. McBrayer jmcbray at carcosa.net | | A flower falls, even though we love it; and a weed grows, | | even though we do not love it. -- Dogen |
---
Previous in thread (6 of 31): 🗣️ Case Duckworth (acdw (a) acdw.net)