Bug #10655
closedntopng fails with letsencrypt ECC certificates
0%
Description
Configuring ntopng to use letsencrypt certificates (via the Acme package) works with default RSA 2048 bit certificates. However if the certificate is configured with a 384 bit ECDSA certificate the ntopng server returns a Handshake error to all web browsers trying to connect. While the work-around to use RSA certificates isn't horrible, finding the source of the error is relatively difficult. I've seen the error reported on the web in a number of places with no resolution (google ntopng "ERR_SSL_VERSION_OR_CIPHER_MISMATCH") and only one relatively hidden reference from a year and a half ago that led to a solution. (https://forum.netgate.com/topic/116404/ntopng-and-let-s-encrypt-certificates) I didn't see an open bug report for this.