RequestError: EPROTO wrong signature type:ssl/t1_lib.c

bakman2 · 19 January 2023 00:12

I am received the following error message:
RequestError: write EPROTO 3801D2F14F7F0000:error:0A000172:SSL routines:tls12_check_peer_sigalg:wrong signature type:ssl/t1_lib.c:1572:
So what am I doing wrong?

You are not doing anything wrong. They use TLS1.2 instead of 1.3 and somehow the cipher they use is not compatible with 1.2 I suspect. Browsers tend to ignore these issues. Depending on your local setup, it might/might not work.

If you try this on the commandline, you will receive the same error:

echo | openssl s_client -servername klanten.bizzsms.nl -connect klanten.bizzsms.nl:443
...
verify return:1
58703D987F000000:error:0A000172:SSL routines:tls12_check_peer_sigalg:wrong signature type:ssl/t1_lib.c:1572:

Forcing the tls version (as the browser indicated):

echo | openssl s_client -tls1_2 -servername klanten.bizzsms.nl -connect klanten.bizzsms.nl:443

No errors.

I don't think there is an option available to add ciphers/force the tls version to the http request node, instead you could use an exec node that performs a curl, like:

curl --tlsv1.2  "https://klanten.bizzsms.nl/api/send?username=SOMEUSER&code=TEST&text=TESTNODERED&phonenumbers=0032123456&sendertitle=TITLE"

Output:

I think there is a way to set this up in a openssl config file, but never tried this.

Topic		Replies	Views
HTTP-Request EPROTO Failure General http-request	2	411	7 April 2023
Connection to HTTPS Server Developing Nodes http-request , security , docker	1	448	21 November 2022
Running into SSL/TLS problems with "http request" upgrading from 2.2.2 to 3.1.3 General security	4	257	5 March 2024
Http-request error General http-request	7	1127	23 September 2022
Please help the newbie General	8	455	11 July 2021

RequestError: EPROTO wrong signature type:ssl/t1_lib.c

Related topics