Support » Plugin: BackWPup - WordPress Backup Plugin » Cannot Start Job with CloudFlare Free SSL and Self-Signed Certificate

Viewing 5 replies - 1 through 5 (of 5 total)
  • As an FYI, here’s my nginx SSL setup on this one:

    ssl_session_cache shared:SSL:50m;
            ssl_session_timeout  5m;
            ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
    
            ssl_ciphers 'EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH RSA+AESGCM RSA+AES !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS';
    
            ssl_prefer_server_ciphers on

    Got that from somewhere on GitHub as a quality secure version.

    Plugin Author Daniel Hüsken

    (@danielhuesken)

    You can try this http://marketpress.com/wp-content/uploads/2014/03/backwpup-disable-local-ssl-verify.zip Plugin for disable ssl checking for local connections WordPress wide.

    Hi Daniel, thanks for the help a bit ago.

    I installed and activated that plugin, but still get this error:

    The HTTP response test get an error "error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error"

    I tried restarting PHP and nginx to see if that’d help.

    Something else going on here?

    The setup remains the same – Nginx server + CloudFlare FULL SSL. The certificate on the nginx server is self-signed, which is permissible by CloudFlare. The ciphers remain the same as above.

    Thanks a ton!

    I know this is an old thread, but it’s currently one of the first search results for the SSL23_GET_SERVER_HELLO error message.

    For the benefit of others who stumble on this in the future, I had the same problem. It’s caused because Cloudflare tries to force servers to a high level of security that’s not supported by your webhost for outgoing connections. Specifically, outgoing connections from your server don’t support TLS 1.1 and 1.2.

    Normally, updating CURL and OpenSSL will fix the problem. Specifically, CURL 7.39 or later, and OpenSSL 1.0.1c or later will support TLSv1.1 and TLSv1.2

    Wow, thank you so much!

    What’s frustrating is that with Ubuntu 12.04LTS, the versions of CURL are stuck at 7.22. Can’t even find a trustworthy repository with 7.39+ right now.

    If I can’t get a backport, may need to update this server at some point. I don’t like installing thing from sources because I’d forget about it and not check for security updates.

    Thanks again!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Cannot Start Job with CloudFlare Free SSL and Self-Signed Certificate’ is closed to new replies.