I got an issue while trying to set up rTorrent as my download client.
My rutorrent instance is available through SSL (port 443) and has a .htaccess associated.
While browsing this forum, I saw many posts with some configuration that I tried :
My SSL certificate is issued by StartSSL and my configuration seems OK as I got A+ on sslabs.com.
When I test this connexion, I got these errors in my syslog :
Nov 30 13:10:13 mono[27120]: [Error] RTorrent: Error writing headers
Nov 30 13:10:13 mono[27120]: System.Net.WebException: Error writing headers —> System.IO.IOException: Error while sending TLS Alert (Fatal:InternalError): System.IO.IOException: The authentication or decryption has failed. —> Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.RecordProtocol.EndReceiveRecord (IAsyncResult asyncResult) <0x41a15c80 + 0x00103> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.SafeEndReceiveRecord (IAsyncResult ar, Boolean ignoreEmpty) <0x41a15bc0 + 0x0002b> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.NegotiateAsyncWorker (IAsyncResult result) <0x41a132b0 + 0x00227> in :0
Nov 30 13:10:13 mono[27120]: — End of inner exception stack trace —
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) <0x41a16270 + 0x000bf> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) <0x41a16000 + 0x0007f> in :0 —> System.IO.IOException: The authentication or decryption has failed. —> Mono.Security.Protocol.Tls.TlsException: The authentication or decryption has failed.
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.RecordProtocol.EndReceiveRecord (IAsyncResult asyncResult) <0x41a15c80 + 0x00103> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.SafeEndReceiveRecord (IAsyncResult ar, Boolean ignoreEmpty) <0x41a15bc0 + 0x0002b> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.NegotiateAsyncWorker (IAsyncResult result) <0x41a132b0 + 0x00227> in :0
Nov 30 13:10:13 mono[27120]: — End of inner exception stack trace —
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslClientStream.EndNegotiateHandshake (IAsyncResult result) <0x41a16270 + 0x000bf> in :0
Nov 30 13:10:13 mono[27120]: at Mono.Security.Protocol.Tls.SslStreamBase.AsyncHandshakeCallback (IAsyncResult asyncResult) <0x41a16000 + 0x0007f> in :0
Nov 30 13:10:13 mono[27120]: — End of inner exception stack trace —
Nov 30 13:10:13 mono[27120]: at System.Net.WebConnection.EndWrite (System.Net.HttpWebRequest request, Boolean throwOnError, IAsyncResult result) <0x41863170 + 0x00207> in :0
Nov 30 13:10:13 mono[27120]: at System.Net.WebConnectionStream+c__AnonStorey1.<>m__0 (IAsyncResult r) <0x418629c0 + 0x0014f> in :0
Nov 30 13:10:13 mono[27120]: — End of inner exception stack trace —
Nov 30 13:10:13 mono[27120]: at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x4184a900 + 0x001ab> in :0
Nov 30 13:10:13 mono[27120]: at System.Net.HttpWebRequest.GetResponse () <0x41845b40 + 0x0005a> in :0
Nov 30 13:10:13 mono[27120]: at CookComputing.XmlRpc.XmlRpcClientProtocol.GetWebResponse (System.Net.WebRequest request) <0x41a0ed40 + 0x00032> in :0
Nov 30 13:10:13 mono[27120]: [Warn] NzbDroneErrorPipeline: Invalid request Validation failed:
Nov 30 13:10:13 mono[27120]: – Unknown exception: Error writing headers
mono doesn’t support the newer TLS1.2 ciphers, such as elliptic curve (ECDSA) and others. You’ll have to change the nginx settings to allow certain older ciphers, can’t help you with that.
Thanks but I already googled this issue quite a lot and I can not find a configuration that is working.
I also opened topics on other forums and noone could help me.
So if anyone can help me, I’d be happy, I tried to enabled SSLv3, TLSv1 and it doesn’t work anyway…
We’re talking about ciphersuites (RSA/AES/DHE) not protocols (SSLv3,TLSv1). Check out the first line here (third in the google search). Not saying you need to copy paste that, coz those lists are too modern/new for mono to handle, but that’s the config option you have to change.
From that link you get to [this site)[https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html] (also the first hit in the google search), section ‘The Cipher Suite’ and voila gets into most of the details and pros/cons and howto. Heck, copy/paste of those ciphers probably gets it working coz it seems to be a WinXP compatible list.
OK I understood my mistake, I tried like 20 different cipher suites from all kind of sites, from mozilla foundation, to recommended ones from the links you’ve mentionned, I can’t find a working one…
Thanks for your help anyway… ^^
I tried another cipher-suite, which should be pretty permissive and my rtorrent connexion still doesn’t work, but the error message is different one more time :
System.Net.WebException: Error getting response stream (ReadDone1): ReceiveFailure —> System.IO.IOException: EndRead failure —> System.Net.Sockets.SocketException: Connection reset by peer
at System.Net.Sockets.Socket.EndReceive (IAsyncResult result) <0x40c79100 + 0x000a3> in :0
at System.Net.Sockets.NetworkStream.EndRead (IAsyncResult ar) <0x40c78fc0 + 0x00057> in :0
— End of inner exception stack trace —
at Mono.Security.Protocol.Tls.SslStreamBase.EndRead (IAsyncResult asyncResult) <0x40e64ba0 + 0x00157> in :0
at System.Net.WebConnection.ReadDone (IAsyncResult result) <0x40c78410 + 0x0015d> in :0
— End of inner exception stack trace —
at System.Net.HttpWebRequest.EndGetResponse (IAsyncResult asyncResult) <0x40c54560 + 0x001a7> in :0
at System.Net.HttpWebRequest.GetResponse () <0x40c4c2b0 + 0x0005a> in :0
at CookComputing.XmlRpc.XmlRpcClientProtocol.GetWebResponse (System.Net.WebRequest request) <0x40e04cf0 + 0x00032> in :0