ssl handshake failed
ThalusA opened this issue · 3 comments
I keep having this kind of error at startup :
dns | 2021/04/09 22:04:01 INFO [22768875766546432] unbound[15:0] error: ssl handshake failed crypto error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time
dns | 2021/04/09 22:04:01 INFO [22768875766546432] unbound[15:0] error: and additionally crypto error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time
dns | 2021/04/09 22:04:01 INFO [22768875766546432] unbound[15:0] error: and additionally crypto error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time
dns | 2021/04/09 22:04:01 INFO [22768875766546432] unbound[15:0] error: and additionally crypto error:0D0D90AD:asn1 encoding routines:ASN1_TIME_adj:error getting time
dns | 2021/04/09 22:04:01 INFO [22768875766546432] unbound[15:0] error: and additionally crypto error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
My docker-compose.yml file :
version: "3"
services:
dns:
image: qmcgaw/dns
container_name: dns
volumes:
- /home/pi/config/dns/include.conf:/unbound/include.conf:ro
environment:
- BLOCK_MALICIOUS=off
- PROVIDERS=cloudflare,google
- IPV6=on
ports:
- 53:53/udp
dns: 127.0.0.1
network_mode: bridge
restart: always
My include.conf file :
server:
local-data: "*.local A 192.168.1.32"
Event without the include.conf file, any environment parameter and setting dns to localhost it doesn't work either.
What is the problem ?
Oh oh that's because of Alpine 3.13 and you're running a 32 bit OS (the time representation changed and many programs (👀 unbound/openssl) didn't change their code for it). I'll revert back to Alpine 3.12.
For the time being you can use a previous image tag (I think v1.5.1) or a soon to be newer image qmcgaw/dns:v2.0.0-beta
. Documentation is a bit different, you can find it on the v2.0.0-beta branch.
Can you try that first? Does this solve it perhaps?
@qdm12 - I was having this exact problem for the last week or so and the instructions in your link fixed it for me. Thank you!