v1.5.3 Bug Reports and Comments

[Omniflux]

I tried to access a switch through a reverse proxy today, but the proxy complained

Code: Select all

 SSL_do_handshake() failed (SSL: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small) while SSL handshaking to upstream

Can you update the SSL configuration to use a larger DH key? Many SSL libraries won't connect with a 1024 bit key anymore due to the logjam vulnerability.

I don't have any switches configured with internet access in general, but I connected one to run an SSL diagnosis (https://www.ssllabs.com/ssltest/) while trying to figure this out, and the report was not good. You sell enough switches that I'm sure there are people out there who do assign publicly routable addresses to their devices, so maybe updating to a current SSL library is warranted?

[mlow]

I'll add that to the list of things to fix.
In the mean time, if you have the ip addresses of where those services map too you should be able to use them that way.

Great, looking forward to the fix :) That's what I've been doing.

[coreinput]

Upgraded from 1.5.2 running since May 2019 and everything went smooth (and no POE loss). Hats off to the team including beta testers for making this a good release. Thanks!