David's picture
David - Thu, 2015/08/27 - 22:38

I just downloaded and installed the Turnkey Torrent Server and everything is working perfectly except when I try to access MLDonkey I get the unsupported SSLv3 error. The rest of the SSL seems to be working fine though. Any idea how I can correct this?

Forum: 
Support
Jeremy Davis's picture

Jeremy Davis - Fri, 2015/08/28 - 08:40
I don't have that app running and don't recall how it is configured OOTOMH. I do recall that there was a problem with one of the web interfaces displaying; perhaps that what you mean by "the unsupported SSLv3 error".

I know that the software is quite dated and we will be rethinking the torrent appliance for our v14.x release. My guess is that the app that is serving that content provides SSLv3 by default and these days web browsers often won't support anything less than TLS1. So that leaves you with a few options:

  • check the config and see if TLS can be enabled
  • configure the existing web browser (lightty IIRC) to reverse proxy the content
  • use something use (e.g. stunnel) to provide secure access

If you can provide a bit more detail I can possibly help you a little further but I don't have a quick easy answer sorry...

Jeremy Davis's picture

Jeremy Davis - Tue, 2015/09/15 - 01:51
But modern web browsers complain about old insecure SSL connections.

FWIW the comments that I made above still apply (although probably aren't super useful to you). As I also mentioned the v14.0 torrent-server appliance will do things differently.

The (almost ready for release) v14.0 uses rTorrent/ruTorrent to provide the torrent handling functionality and it should "just work" OOTB. Keep an eye on our blog! :)

ccbailey123's picture

ccbailey123 - Mon, 2015/09/28 - 22:36

Hi Jeremy,

 

I just installed torrent server v14 to a esxi VM (ver 6) and I get the same exact issue when trying to accees the web interface for rutorrent (x.x.x.x:12323)  The other ports work.  My web browsers (FF 40.0.3, IE 11.0.22) both have all 3 TLS settings turned on.   Is there a conf file on the appliance that needs modified?

 

Thx,

Chip

Jeremy Davis's picture

Jeremy Davis - Tue, 2015/09/29 - 04:54
So you definitely installed from the v14.0 ISO? Also I note that ruTorrent is available on port 12322 (not 12323 - although perhaps that was a typo).

You can 100% confirm the version with this command: 

turnkey-version

TBH it would really surprise me if that's the case... As opposed to the old MLDonkey interface (which had it's own built in server); the ruTorrent interface is served by Nginx (see conf here - your local conf /etc/nginx/sites-available/rutorrent should match that). As of v14.0 Nginx has hardened default SSL config common to all appliances (see that here - it should match your: /etc/nginx/include/ssl).

As you should see SSL should be totally disabled and only TLS 1, 1.1 & 1.2 are supported. Another test you can do is browse to the standard https page (por 443). You should get the same issue there as it uses the same SSL config...

Add new comment