marceltomaskovic 0 Posted March 7, 2018 Share Posted March 7, 2018 Hi guys, I have ESET ERA 6.5 and was set up SSL: <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA" keystoreFile="/opt/eset/RemoteAdministrator/Server/myesetera01.pfx" keystorePass="topsecret" keystoreType="PKCS12" /> After restart service I got this error in browser: SEC_ERROR_CERT_SIGNATURE_ALGORITHM_DISABLED Certificate was build in internal CA (Windows). Can you help me with this issue? Thank you. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,074 Posted March 7, 2018 Administrators Share Posted March 7, 2018 What browser do you use? Did you try to use another one? If you use Firefox, enter "about:config" in the address bar and filter "security.ssl" with a list of algorithms. Please post a screen shot of that screen so that we can see what algorithms are enabled / disabled in the browser. Link to comment Share on other sites More sharing options...
marceltomaskovic 0 Posted March 7, 2018 Author Share Posted March 7, 2018 Hi Marcos, thank you. Yes, in FF I cat this messeage disabled. If I uset curl, I got this error: * Peer certificate cannot be authenticated with known CA certificates curl: (60) Peer certificate cannot be authenticated with known CA certificates I must add CA to server? Thank you. Link to comment Share on other sites More sharing options...
Recommended Posts