M
Mark Davies
Guest
Hi Matt, Thanks for the reply. I have tried as suggested, I removed this from my code to allow it to use defaults - which I'll assume tries the better option: oLib = ClientLibraryBuilder:Build() :AddSslProtocol('TLSv1') /* suggest by KB */ :AddSslCipher('AES128-SHA') /* suggest by KB */ :Library. Just be sure I covered all the suggestions in the replies, I re-imported the cert using the following steps: Downloaded the base64 encoded X.509 .cer and save .cer file from the site Renamed the saved .cer file to .pem Ran mkhashfile sitecert.pem Ran certutil -format PEM -import sitecert.pem Got confirmation that the cert was imported and can see it in $DLC\certs However, running the code again yielded the same error. I then also ran SSLC again with the -tls1 switch and got a different result: sslc s_client -connect ******.execute-api.eu-west-1.amazonaws.com:443 -tls1 Loading 'screen' into random state - done CONNECTED(000001C0) 11648:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:.\ssl\s3_pkt.c:1289:SSL alert number 40 11648:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:.\ssl\s3_pkt.c:626: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1526444229 Timeout : 7200 (sec) Verify return code: 0 (ok) --- Any ideas or suggested would be greatly appreciated. Thanks
Continue reading...
Continue reading...