trx Posted October 4, 2021 Report Share Posted October 4, 2021 Hi, Since a recent PlaticSCM server update, we are not able to connect with our Linux Clients to the self hosted Team Edition Server. All the Windows Clients work perfectly only Linux Clients are affected (tested on multiple machines) a cm repository returns: Error: The remote certificate was rejected by the provided RemoteCertificateValidationCallback. Log output is: 2021-10-01 14:14:38,972 user INFO Channel - Rejected certificate validation info: Sender: Certificate: SHA1: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX MD5: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Subject: CN=our.domain.name Issuer: CN=R3, O=Let's Encrypt, C=US Expiration: 11/29/2021 7:44:23 AM Version: 3 Chain: Policy: Revocation mode: NoCheck Revocation flags: ExcludeRoot Verification flags: NoFlag Verification time: 10/1/2021 2:14:38 PM SslPolicyErrors: RemoteCertificateChainErrors 2021-10-01 14:14:38,975 user DEBUG ConnectClientSsl - Connect exception: System.IO.IOException. Message: The authentication or decryption has failed. 2021-10-01 14:14:38,975 user ERROR PlasticPipe - Error happened trying to SSL to ssl://our.domain.name:8088. The authentication or decryption has failed. 2021-10-01 14:14:38,976 user ERROR PlasticPipe - Failed to negotiate remoting SSL with ssl://our.domain.name:8088. Will try starting a TCP connection then switching to SSL 2021-10-01 14:14:38,976 user DEBUG Channel - Purging connection to ssl://our.domain.name:8088 2021-10-01 14:14:38,990 user DEBUG ConnectionCreator - Create connection to ssl://our.domain.name:8088 took 13 ms seems like a certficiate ChainError, but it worked till the recent update. Thanks Fabian Link to comment Share on other sites More sharing options...
calbzam Posted October 4, 2021 Report Share Posted October 4, 2021 Hi, Could you check if the following helps: 1. Edit the following file: /etc/ssl/openssl.cnf 2. First line of the file add: openssl_conf=default_conf At the end of the file add: [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] MinProtocol = TLSv1 CipherString = DEFAULT@SECLEVEL=1 3. Restart the Plastic SCM server. Regards, Carlos. Link to comment Share on other sites More sharing options...
trx Posted October 7, 2021 Author Report Share Posted October 7, 2021 Unfortunately it didn't fix my problem. We use currently an let's Encrypt certificate that will be updated regularly. The issue started probably since the last update, but unfortunately we also updated the PlasticSCM server in that go Thanks Link to comment Share on other sites More sharing options...
calbzam Posted October 7, 2021 Report Share Posted October 7, 2021 Hi, If you are paying user, we can arrange a meeting and take a look. Otherwise, using a let's Encrypt certificate could be a worakround. Regards, Carlos. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now