Specifying TLS Cipher with curl TransportOption
David Wen Riccardi-Zhu
davidwen.riccardizhu at gooduncle.com
Tue Jun 2 13:51:44 UTC 2020
Thanks, Scott! I doubted myself and gave that a try, too:
As well as something like this:
<TransportOption provider="CURL" option="83">DEFAULT at SECLEVEL
But I'm still getting the same error:
2020-06-02 12:32:56 ERROR XMLTooling.libcurl.InputStream : failed to set
CURL transport option (83)
2020-06-02 12:32:56 ERROR XMLTooling.libcurl.InputStream : error while
fetching https://idp-url-here: (35) error:141A318A:SSL
routines:tls_process_ske_dhe:dh key too small
2020-06-02 12:32:56 ERROR XMLTooling.ParserPool : fatal error on line 0,
column 0, message: internal error in NetAccessor
2020-06-02 12:32:56 ERROR OpenSAML.MetadataProvider.XML : error while
loading resource (https://idp-url-here): XML error(s) during parsing, check
log for specifics
Is there a way for me to see why the transport option is failing to set?
Many thanks again,
On Tue, Jun 2, 2020 at 12:43 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> > (I'm on CentOS, which uses NSS, hence the lowercase cipher name).
> You can't use NSS for this, you have ot be using libcurl with OpenSSL and
> you'd use its syntax.
> -- Scott
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users