Jump to content

ESET ERA 6 - SSL problem


Recommended Posts

Hi guys,

I have ESET ERA 6.5 and was set up SSL:

<Connector port="8443"
               protocol="HTTP/1.1"
               SSLEnabled="true"
               maxThreads="150"
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocols="TLSv1,TLSv1.1,TLSv1.2"
               ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
                        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
                        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
                        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
                        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
                        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
                        TLS_RSA_WITH_AES_128_CBC_SHA256,
                        TLS_RSA_WITH_AES_128_GCM_SHA256,
                        TLS_RSA_WITH_AES_128_CBC_SHA,
                        TLS_RSA_WITH_AES_256_CBC_SHA256,
                        TLS_RSA_WITH_AES_256_GCM_SHA384,
                        TLS_RSA_WITH_AES_256_CBC_SHA"
               keystoreFile="/opt/eset/RemoteAdministrator/Server/myesetera01.pfx"
               keystorePass="topsecret" keystoreType="PKCS12"
               />

 

After restart service I got this error in browser:

SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED

Certificate was build in internal CA (Windows). Can you help me with this issue?

Thank you.

Link to comment
Share on other sites

  • Administrators

What browser do you use? Did you try to use another one?

If you use Firefox, enter "about:config" in the address bar and filter "security.ssl" with a list of algorithms. Please post a screen shot of that screen so that we can see what algorithms are enabled / disabled in the browser.

Link to comment
Share on other sites

Hi Marcos,

thank you. Yes, in FF I cat this messeage disabled.

If I uset curl, I got this error:

* Peer certificate cannot be authenticated with known CA certificates
curl: (60) Peer certificate cannot be authenticated with known CA certificates

 

I must add CA to server?

Thank you.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...