Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    error: SSL handshake failed

    Scheduled Pinned Locked Moved DHCP and DNS
    4 Posts 4 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • noplanN
      noplan
      last edited by noplan

      unbound-control -c /var/unbound/unbound.conf status
      results in -->

      error: SSL handshake failed
      34391444536:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:/build/ce-crossbuild-244/pfSense/tmp/FreeBSD-src/crypto/openssl/ssl/s3_clnt.c:1269:

      not able to fix it myself / head against the tree ;)

      in unbound.conf uncommented the following:
      /usr/local/etc/unbound/unbound.conf

      #unbound server key file.
      server-key-file: "/usr/local/etc/unbound/unbound_server.key"

          # unbound server certificate file.
           server-cert-file: "/usr/local/etc/unbound/unbound_server.pem"
      
          # unbound-control key file.
          control-key-file: "/usr/local/etc/unbound/unbound_control.key"
      
          # unbound-control certificate file.
           control-cert-file: "/usr/local/etc/unbound/unbound_control.pem"
      

      after that reload and restart ... same error

      DNS Forwarder enabled
      DNSSEC disabled
      NICs LAN and localhost
      no Custom Options set

      Any Ideas ...

      after deleting these in
      /var/unbound

      dnsbl_cert.pem
      unbound_control.key
      unbound_control.pem
      unbound_server.key
      unbound_server.pem

      and restartet the box (baby)

      no error ! :)

      after activating pfB & DNSBL

      grep 'DNSBL update' /var/log/pfblockerng/pfblockerng.log | tail -1

      DNSBL update [ 183054 | PASSED ]... completed

      I hope i fixed this !
      sometimes puttin your headphones on helps !
      "cat stevens and chris & chris cornell "

      best regards in advanced !
      on 2.4.4-RELEASE-p1
      nP

      1 Reply Last reply Reply Quote 0
      • B
        bulletjie
        last edited by

        This worked for me too. Thanks for sharing your solution!

        C 1 Reply Last reply Reply Quote 0
        • C
          Calin @bulletjie
          last edited by

          Worked for me too, thanks.
          pfsense 2.4.5-RELEASE-p1.

          GertjanG 1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @Calin
            last edited by

            The file

            /usr/local/etc/unbound/unbound.conf
            

            isn't used by any process neither unbound. It's there for historical show-case reasons - and eating some disk space.
            Changing that file, or even deleting it won't make any difference.

            @calin said in error: SSL handshake failed:

            Worked for me too, thanks.

            so, what worked for you ?

            Btw : I guess this is/was also valid for 2.4.4-p1 - many years ago.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.