Hi Rainer, there is a list of patterns and APLOGNOs that are allowed to happen. In the http2 tests, those are defined in env.py, lines 88-97.
If we get new ones with openssl 3.0.2, we need to add them there. Could you give this a shot? Kind Regards, Stefan > Am 24.04.2022 um 22:03 schrieb Rainer Jung <rainer.j...@kippdata.de>: > > Hi all, > > at the end of the test runs in the pytest suite, TestBuffering.test_h2_712_03 > checks for warnings or errors logged in the httpd error log. None are > allowed, but test > > test_101_ssl_reneg.py > > [ssl:error] [pid 15298:tid 140040420189952] SSL Library Error: > error:0A0000C1:SSL routines::no shared cipher -- Too restrictive > SSLCipherSuite or using DSA server certificate? > [ssl:error] [pid 15298:tid 140040411797248] SSL Library Error: > error:0A0000C7:SSL routines::peer did not return a certificate -- No CAs > known to server for verification? > [ssl:error] [pid 15299:tid 140040378226432] SSL Library Error: > error:0A0000C7:SSL routines::peer did not return a certificate -- No CAs > known to server for verification? > [ssl:error] [pid 15299:tid 140040369833728] SSL Library Error: > error:0A0000C1:SSL routines::no shared cipher -- Too restrictive > SSLCipherSuite or using DSA server certificate? > > This is with OpenSSL 3.0.2. It does not happen with OpenSSL 1.1.1n (server > and curl, but the nghttp2 commandline tools always using 3.0.2). > > I added time stamps, so I think the relevant tests, that produce the messages > are: > > 24.04.2022 10:07:50.347236 > test/modules/http2/test_101_ssl_reneg.py::TestSslRenegotiation::test_h2_101_03 > PASSED: > > [Sun Apr 24 10:07:50.337861 2022] [ssl:error] [pid 9912:tid 139900498208512] > SSL Library Error: error:0A0000C1:SSL routines::no shared cipher -- Too > restrictive SSLCipherSuite or using DSA server certificate? > > 24.04.2022 10:07:50.459491 > test/modules/http2/test_101_ssl_reneg.py::TestSslRenegotiation::test_h2_101_04 > PASSED: > > [Sun Apr 24 10:07:50.451743 2022] [ssl:error] [pid 9912:tid 139900506601216] > SSL Library Error: error:0A0000C7:SSL routines::peer did not return a > certificate -- No CAs known to server for verification? > > 24.04.2022 10:07:50.580942 > test/modules/http2/test_101_ssl_reneg.py::TestSslRenegotiation::test_h2_101_05 > PASSED: > > [Sun Apr 24 10:07:50.572229 2022] [ssl:error] [pid 9911:tid 139900473030400] > SSL Library Error: error:0A0000C7:SSL routines::peer did not return a > certificate -- No CAs known to server for verification? > > 24.04.2022 10:07:50.862277 > test/modules/http2/test_102_require.py::TestRequire::test_h2_102_01 PASSED: > > [Sun Apr 24 10:07:50.853262 2022] [ssl:error] [pid 9912:tid 139900389103360] > SSL Library Error: error:0A0000C1:SSL routines::no shared cipher -- Too > restrictive SSLCipherSuite or using DSA server certificate? > > I haven't thought about how to fix this, first wanted to make it known. > > Thanks and regards, > > Rainer
