Christopher Pinon <cjpi...@secondfloor.xyz> wrote: > Aaron B. <aa...@zadzmo.org> wrote: > > > On Mon, 01 May 2017 13:20:17 +0200 > > Christopher Pinon <cjpi...@secondfloor.xyz> wrote: > > > > > - When I try to connect to my site via https using Firefox, Firefox > > > gives the error message: "Cannot communicate securely with peer: no > > > common encryption algorithm(s). Error code: > > > SSL_ERROR_NO_CYPHER_OVERLAP" > > > > There's your problem here; Firefox and httpd can't find a common > > algorithm. > > > > Try explicity setting a cipher list in httpd; according to the man page > > '-z' should do it... > > > > Thanks, Aaron, explicitly setting this list solved the Firefox problem! > .. >
+1 on the thanks - my bozohttpd+SSL seemingly stopped working with firefox several years ago and after fiddling around with it for a day w/o success I dropped the encryption as it was a LAN-only setup. I guess I misunderstood the man-page WRT the -Z option; "It also causes bozohttpd to start SSL mode" seemed to suggest there wasn't anything else needed since one generally expects the browser to do the negotiations for you. For anyone else: look at CIPHER LIST FORMAT in openssl_ciphers(1) for cipher string format. I just used '-z ALL' as I don't really care about the particulars and I'm using a self-signed cert. Jeff