Hello gentlemen,
I am trying to set up a 2 node ngIRCd cluster. Clients can connect to both nodes with SSL enabled (tested with irssi or znc), but the 2 servers do not want to talk together: SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake]
Package versions:
libgnutls26 2.12.23-1ubuntu1.1
ngircd 21-1
Here are my configurations:
IRC0:

[SSL]
CertFile = /etc/ngircd/irc0_crt.pem
DHFile = /etc/ngircd/dh.pem
KeyFile = /etc/ngircd/irc0_privatekey.pem
Ports = 50799

[Server]
Name = irc2.xxx.net
Host = irc2.xxx.net
Port = 50799
PeerPassword = toto
MyPassword = tata
SSLConnect = yes
Group = 1

IRC2:

[SSL]
CertFile = /etc/ngircd/irc2_crt.pem
DHFile = /etc/ngircd/dh.pem
KeyFile = /etc/ngircd/irc2_privatekey.pem
Ports = 50799

[Server]
Name = irc0.xxx.net
Host = irc0.xxx.net
Port = 50799
Passive = yes
MyPassword = tata
PeerPassword = toto
SSLConnect = yes
Group = 1

And the log messages:
IRC0:

Dec 2 17:42:43 maxwell ngircd[23501]: /etc/ngircd/ngircd.conf: line 148: "Ident = yes", but ngircd was built without IDENT support!
Dec 2 17:42:43 maxwell ngircd[23501]: Can't read help text file "/usr/share/doc/ngircd/Commands.txt": No such file or directory
Dec 2 17:42:43 maxwell ngircd[23501]: No help text available, HELP command will be of limited use.
Dec 2 17:42:43 maxwell ngircd[23501]: ngIRCd 21-IPv6+IRCPLUS+SSL+SYSLOG+ZLIB-i686/pc/linux-gnu started.
Dec 2 17:42:43 maxwell ngircd[23501]: Using configuration file "/etc/ngircd/ngircd.conf" ...
Dec 2 17:42:43 maxwell ngircd[23501]: GnuTLS 2.12.23 initialized.
Dec 2 17:42:43 maxwell ngircd[23502]: Running as user irc(39), group irc(39), with PID 23502.
Dec 2 17:42:43 maxwell ngircd[23502]: Not running with changed root directory.
Dec 2 17:42:43 maxwell ngircd[23502]: IO subsystem: epoll (hint size 100, initial maxfd 100, masterfd 4).
Dec 2 17:42:43 maxwell ngircd[23502]: Created pre-defined channel "#hnng".
Dec 2 17:42:43 maxwell ngircd[23502]: Now listening on [0::]:50799 (socket 8).
Dec 2 17:42:43 maxwell ngircd[23502]: Now listening on [0.0.0.0]:50799 (socket 9).
Dec 2 17:42:44 maxwell ngircd[23502]: Preparing to establish a new server link for "irc2.xxx.net" ...
Dec 2 17:42:44 maxwell ngircd[23502]: Establishing connection for "irc2.xxx.net" to "irc2.xxx.net:50799" (—.—.—.—), socket 10 ...
Dec 2 17:42:44 maxwell ngircd[23502]: SSL error: A TLS packet with unexpected length was received. [gnutls_handshake].
Dec 2 17:42:44 maxwell ngircd[23502]: SSL connection on socket 10 failed!
Dec 2 17:42:44 maxwell ngircd[23502]: Shutting down connection 10 (Can't connect) with "irc2.xxx.net:50799" ...
Dec 2 17:42:44 maxwell ngircd[23502]: Client unregistered (connection 10): Can't connect.
Dec 2 17:42:44 maxwell ngircd[23502]: Connection 10 with "irc2.xxx.net:50799" closed (in: 0.0k, out: 0.0k).

IRC2:

Dec 2 17:43:01 ampere ngircd[28153]: Accepted connection 15 from "—.—.—.—:38933" on socket 9.
Dec 2 17:43:01 ampere ngircd[28153]: SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake].
Dec 2 17:43:01 ampere ngircd[28153]: Shutting down connection 15 (SSL accept error, closing socket) with "—.—.—.—:38933" ...
Dec 2 17:43:01 ampere ngircd[28153]: Client unregistered (connection 15): SSL accept error, closing socket.
Dec 2 17:43:01 ampere ngircd[28153]: Connection 15 with "—.—.—.—:38933" closed (in: 0.0k, out: 0.0k).
Thanks in advance for your help.
-- Nicolas
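The two logs above are worth reading as a pair: the "SSL error" line carries no connection number, and only the following "Shutting down connection N (...)" line from the same ngircd process tells you which link and which peer failed. The script below, an added example that is not part of the original post, pairs those lines up over a few constructed syslog entries modelled on the output above (hostnames and addresses are placeholders) and counts handshake failures per host and GnuTLS error, which is the view you want when deciding whether a failure is a one-off or the same cipher-suite mismatch on every link attempt.

```python
import re
from collections import Counter

# Constructed sample, modelled on the syslog lines in the post above.
# Hostnames and addresses are placeholders (RFC 5737 documentation range).
SAMPLE_LOG = """\
Dec  2 17:42:43 maxwell ngircd[23502]: Now listening on [0.0.0.0]:50799 (socket 9).
Dec  2 17:42:44 maxwell ngircd[23502]: Establishing connection for "irc2.example.net" to "irc2.example.net:50799" (192.0.2.20), socket 10 ...
Dec  2 17:42:44 maxwell ngircd[23502]: SSL error: A TLS packet with unexpected length was received. [gnutls_handshake].
Dec  2 17:42:44 maxwell ngircd[23502]: SSL connection on socket 10 failed!
Dec  2 17:42:44 maxwell ngircd[23502]: Shutting down connection 10 (Can't connect) with "irc2.example.net:50799" ...
Dec  2 17:42:44 maxwell ngircd[23502]: Connection 10 with "irc2.example.net:50799" closed (in: 0.0k, out: 0.0k).
Dec  2 17:43:01 ampere ngircd[28153]: Accepted connection 15 from "192.0.2.10:38933" on socket 9.
Dec  2 17:43:01 ampere ngircd[28153]: SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake].
Dec  2 17:43:01 ampere ngircd[28153]: Shutting down connection 15 (SSL accept error, closing socket) with "192.0.2.10:38933" ...
Dec  2 17:43:05 ampere ngircd[28153]: Accepted connection 16 from "192.0.2.30:51000" on socket 9.
Dec  2 17:43:09 ampere ngircd[28153]: Shutting down connection 16 (Client closed) with "192.0.2.30:51000" ...
"""

# Classic syslog prefix followed by ngircd's "ngircd[PID]: message" tag.
SYSLOG_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) "
    r"ngircd\[(?P<pid>\d+)\]: (?P<msg>.*)$"
)
# "SSL error: <text> [gnutls_function]." as ngircd's GnuTLS backend logs it.
SSL_ERROR_RE = re.compile(r"^SSL error: (?P<error>.*?)\s*\[(?P<func>\w+)\]\.?$")
# The shutdown line is the first one after the error that names the connection.
SHUTDOWN_RE = re.compile(
    r'^Shutting down connection (?P<conn>\d+) \((?P<reason>[^)]*)\) with "(?P<peer>[^"]+)"'
)


def find_tls_failures(log_text):
    """Return one record per TLS handshake failure found in ngircd syslog output.

    An "SSL error" line is held per (host, pid) until the next "Shutting down
    connection" line from that same process, which supplies the connection
    number, the peer and ngircd's own reason string.
    """
    pending = {}   # (host, pid) -> (error text, gnutls function) awaiting its shutdown line
    failures = []
    for line in log_text.splitlines():
        m = SYSLOG_RE.match(line)
        if not m:
            continue   # not an ngircd line, or a format this parser does not know
        key = (m["host"], m["pid"])
        msg = m["msg"]
        err = SSL_ERROR_RE.match(msg)
        if err:
            pending[key] = (err["error"], err["func"])
            continue
        shut = SHUTDOWN_RE.match(msg)
        if shut and key in pending:
            error, func = pending.pop(key)
            failures.append({
                "time": m["ts"],
                "host": m["host"],
                "connection": int(shut["conn"]),
                "peer": shut["peer"],
                "reason": shut["reason"],
                "error": error,
                "gnutls_call": func,
            })
    return failures


def summarize(failures):
    """Count failures by (host, GnuTLS error) so a recurring handshake problem stands out."""
    return dict(Counter((f["host"], f["error"]) for f in failures))


if __name__ == "__main__":
    found = find_tls_failures(SAMPLE_LOG)
    for f in found:
        print(f"{f['time']} {f['host']}: connection {f['connection']} with {f['peer']} "
              f"failed in {f['gnutls_call']}: {f['error']}")
    print(summarize(found))
```

Connection 16 in the sample closes normally and is deliberately not reported: the parser only attributes an error to a shutdown line when that process has an unmatched "SSL error" outstanding, so ordinary disconnects are not mistaken for handshake failures.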
Nicolas Leclercq wrote...
> Clients can connect to both nodes with SSL enabled (tested with irssi or znc), but the 2 servers do not want to talk together: SSL error: Could not negotiate a supported cipher suite. [gnutls_handshake]
> Package versions:
> libgnutls26 2.12.23-1ubuntu1.1
This is a bug in gnutls, I recently ran into that one, too: http://arthur.barton.de/pipermail/ngircd-ml/2013-November/000682.html
There's a Debian bug report about it: http://bugs.debian.org/708174, No such thing in Ubuntu AFAICS, or Launchpad hates me.
Unfortunately, the gnutls sources aren't very friendly for some bisecting to identify the fix and backport it if possible. So, you'll have to work around it.
Your options (read: Pick just one):
* Configure CipherList manually, either by lowering (potential security breach) to "NORMAL" or even "EXPORT", or increasing to SECURE256. I'd try the latter first unless some clients cannot deal with it: This setting affects both client connect and server interconnect.
* Re-compile ngircd with OpenSSL linkage.
* Re-compile and patch the s2s connecting code to use a different cipher selection. Um, yes, that works. Not a very nice idea, though.
> [Server]
> PeerPassword = toto
> MyPassword = tata
Not the real passwords, I hope ...
Regards,
Christoph --
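Since the first workaround above is a CipherList change that applies to client connections as well as the server link, it is worth being able to see at a glance what a node's [SSL] section currently asks GnuTLS for. The following script is an added example, not code from ngIRCd or from either poster: it reads an ngircd.conf-style text (the constructed fragments are modelled on the [SSL] section in the first post, with placeholder file names), looks up CipherList, and labels the setting using the ordering given in the reply (EXPORT and NORMAL lower the bar, SECURE256 raises it). The verdict names are my own.

```python
import configparser

# Constructed config fragments modelled on the [SSL] section of the original post.
# Paths are placeholders.
CONF_DEFAULT = """\
; comment lines in ngircd.conf start with a semicolon
[SSL]
CertFile = /etc/ngircd/irc0_crt.pem
KeyFile = /etc/ngircd/irc0_privatekey.pem
DHFile = /etc/ngircd/dh.pem
Ports = 50799
"""

CONF_EXPORT = CONF_DEFAULT + "CipherList = EXPORT\n"
CONF_NORMAL = CONF_DEFAULT + "CipherList = NORMAL\n"
CONF_SECURE = CONF_DEFAULT + "CipherList = SECURE256\n"


def load_ngircd_conf(text):
    """Parse ngircd.conf text.

    The file is INI-style ([Section] headers, Key = Value lines, ';' comments),
    so the standard-library parser handles it; strict=False tolerates the
    repeated [Server] sections a multi-link configuration contains, and
    interpolation is disabled so '%' in values is left alone.
    """
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(text)
    return cp


def assess_cipherlist(text):
    """Classify the [SSL] CipherList setting as (verdict, raw value).

    Verdicts (my own labels, assumed for this example):
      library-default  no CipherList set; GnuTLS's built-in default applies
      weak             EXPORT grade requested: deliberately weakened export ciphers allowed
      lowered          NORMAL requested: below the default, as the reply warns
      hardened         SECURE256 requested: the option the reply suggests trying first
      custom           some other priority string; review it by hand
    """
    cp = load_ngircd_conf(text)
    if not cp.has_option("SSL", "CipherList"):   # has_option is False if [SSL] is absent too
        return ("library-default", None)
    value = cp.get("SSL", "CipherList").strip()
    # GnuTLS priority strings are ':'-separated keywords; compare case-insensitively.
    keywords = {tok.strip().upper() for tok in value.split(":")}
    if "EXPORT" in keywords:
        return ("weak", value)
    if "NORMAL" in keywords:
        return ("lowered", value)
    if "SECURE256" in keywords:
        return ("hardened", value)
    return ("custom", value)


if __name__ == "__main__":
    for label, conf in [("default", CONF_DEFAULT), ("export", CONF_EXPORT),
                        ("normal", CONF_NORMAL), ("secure256", CONF_SECURE)]:
        verdict, value = assess_cipherlist(conf)
        print(f"{label:10s} -> {verdict} ({value!r})")
```

Because the setting is shared by client and server-link connections, run the check on every node in the group before and after applying the workaround: a node left on EXPORT or NORMAL to get the link up also accepts those grades from every client that connects to it.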