Bug #13690
Updated by François ARMAND over 5 years ago
Hi, I've got the same error on 2 fresh servers with centos6 error: Failed to establish TLS connection: (0 SSL_ERROR_SSL) tlsv1 alert internal error error: No suitable server found error: Failed to establish TLS connection: (0 SSL_ERROR_SSL) tlsv1 alert internal error error: No suitable server found error: Rudder agent promises could not be updated. Start execution with config [0] * server: OpenSSL 1.1.0f 25 May 2017 debian 9 * client : OpenSSL 1.0.1e-fips 11 Feb 2013 (well...) centos 6 UPDATE/RESOLUTION: In comment 20 belove (https://issues.rudder.io/issues/13690#note-20), we though we had a solution for everything, but it wasn't sufficient because 1.0.1 is *still* not compatible with *1.1.1*. So we ended up embeding OpenSSL everywhere, with: - version 1.0.2 for very old distros (AIX 5, Centos 3, centos 5..) - version 1.1.1 everywhere. It *still* means that new server (in libssl 1.1.1) won't work for people with agent relying on a OpenSSL 1.0.1 (centos 6 for rudder 5.0.2 and system ssl for ex). 1.0.1. At least new servers work It works correctly with agent in openssl 1.1.0 (so for ex agent 4.3 on ubuntu 18.04 works with server on 5.0.3). 1.1.0.