My questions about the documentation of the callbacks remain. Having solved the problem, I'm pretty certain the the "no shared cipher" error message is way too overloaded. Some piece of code is clearly doing something useful, which is to check if the public/private key match. Unfortunately, that code is not announcing the mismatch in a useful way. My provisioning script, due to a typo, was generating new CSRs, but sending an ancient CSR with an old public key. Writing up the problem, I eventually noticed the public key dump from the private key file did not match the dump from the certificate. -- ] Never tell me the odds! | ipv6 mesh networks [ ] Michael Richardson, Sandelman Software Works | IoT architect [ ] mcr@xxxxxxxxxxxx http://www.sandelman.ca/ | ruby on rails [
Attachment:
signature.asc
Description: PGP signature
