I upgraded from 384.9 to .10, which in itself was uneventful. AC68U runs fine, no complaints.
I also ran an opkg update and an opkg upgrade. Hindsight being 20/20 I realize I have set myself up for failure for making multiple changes in a row but perhaps someone has more insight into this:
None of my SSL enabled sites in lightttpd are working. Its new favorite message in the error log is:
(mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
The regular log doesn't even get hit and the browser shows "Secure Connection Failed"
Would this be because of the dual OpenSLL binaries (libraries?) or would this be an issue with the opkg repo?
Update: some further Googling seems to indicate that this is related to TLS 1.3 and OpenSSL 1.1.1
Last update & fix: confirmed to be related to TLS1.3 introduced in OpenSSL1.1.1. Lighttpd has some issues with it and a workaround for the time being is to use
ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2") in your config for lighttpd.
Case closed.
I also ran an opkg update and an opkg upgrade. Hindsight being 20/20 I realize I have set myself up for failure for making multiple changes in a row but perhaps someone has more insight into this:
None of my SSL enabled sites in lightttpd are working. Its new favorite message in the error log is:
(mod_openssl.c.1419) SSL: renegotiation initiated by client, killing connection
The regular log doesn't even get hit and the browser shows "Secure Connection Failed"
Would this be because of the dual OpenSLL binaries (libraries?) or would this be an issue with the opkg repo?
Update: some further Googling seems to indicate that this is related to TLS 1.3 and OpenSSL 1.1.1
Last update & fix: confirmed to be related to TLS1.3 introduced in OpenSSL1.1.1. Lighttpd has some issues with it and a workaround for the time being is to use
ssl.openssl.ssl-conf-cmd = ("Protocol" => "-ALL, TLSv1.2") in your config for lighttpd.
Case closed.
Last edited:
