[Privoxy-users] Why fail to open secure connection to the client incidentally, and what's the proper cleaning strategy for the generated certificates?

Miles Wen miles.wy.1 at gmail.com
Mon Mar 15 02:51:29 UTC 2021 

I'm using privoxy v3.0.32 on macosx v10.15.6 catalina. With https
inspection on.

With those debug options set:

> debug  1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
> debug  8192 # Non-fatal errors
>
>
I incidentally get some error logs like this:

> 2021-03-15 10:07:44.978 7f863fa1f700 Error: The TLS/SSL handshake with the
> client failed: error:1408F09C:SSL routines:ssl3_get_record:http request
> 2021-03-15 10:07:44.978 7f863fa1f700 Error: Failed to open a secure
> connection with the client
>

Anybody have ideas about this error msg?

As long as I'm using https inspection, I wrote a program to delete the
generated certificate files older than 11 hours. But I don't know if this
is the best cleaning strategy.
I also get some errors like this:

> 2021-03-15 10:10:07.260 7f86209e1700 Error: X509 subject name (code: CN,
> val:
> only-d-pmjr9f4mclevwwl2mwckreicm8k1afzk-1615774207025.nstool.netease.com)
> error: error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too
> long
> 2021-03-15 10:10:07.260 7f86209e1700 Error: generate_host_certificate
> failed: -1
> 2021-03-15 10:10:07.260 7f86209e1700 Error: Failed to open a secure
> connection with the client
> 2021-03-15 10:10:07.268 7f86209e1700 Error: A website key already exists
> but there's no matching certificate. Removing
> /tmp/privoxyTmp/certGen/6e8849e15804dbafb007349e8271b483.pem before
> creating a new key and certificate.
> 2021-03-15 10:10:07.653 7f86209e1700 Error: X509 subject name (code: CN,
> val:
> only-d-pmjr9f4mclevwwl2mwckreicm8k1afzk-1615774207025.nstool.netease.com)
> error: error:0D07A097:asn1 encoding routines:ASN1_mbstring_ncopy:string too
> long
> 2021-03-15 10:10:07.654 7f86209e1700 Error: generate_host_certificate
> failed: -1
> 2021-03-15 10:10:07.654 7f86209e1700 Error: Failed to open a secure
> connection with the client
>

Are these errors related to my certificates cleaning? What's next I can do
to try to fix it?

thanks.

-- 
Regards.
Wen Yue

More information about the Privoxy-users mailing list