viewtopic.php?f=40&t=17696
That has worked well for a year or so but recently the dynamic updates have failed; the log reports
- Code: Select all
unsupported: failed to update '1.2.3.4' # obfuscated
Directly running the wget command (which is part of the modified script) at a shell prompt gives:
- Code: Select all
[root@freesco] wget https://ssl.gratisdns.dk/ddns.phtml?u=<username>&p=<pword>&d=<ourdomain>&h=<theddnshost>&i=127.0.0.1
[root@ freesco] --15:20:14-- https://ssl.gratisdns.dk/ddns.phtml?u=******
=> `ddns.phtml?u=******'
Resolving ssl.gratisdns.dk... 91.221.196.4
Connecting to ssl.gratisdns.dk[91.221.196.4]:443... connected.
Unable to establish SSL connection.
Unable to establish SSL connection.
# and hangs, requiring a CTRL-C to release
[1] 13137 Exit 0 wget https://ssl.gratisdns.dk/ddns.phtml?u=***...
[root@freesco]
The DNS provider now also happens to provide its own script (https://github.com/lsim/gratisddns/blob ... tisddns.sh) for client update. Reading through that, the https command still looks to be the same as we're already using in the FREESCO DDNS script. So I don't think anything has changed in the API, and nothing has changed in our FREESCO (I've rechecked the 'setup'). I also used the https command in a current vesion of Firefox, and the DDNS response page was the text 'OK'; the DNS record for that host now has '127.0.0.1', illustrating that the https command indeed worked. Firefox reports the SSL connection:
- Code: Select all
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 128 bit keys, TLS 1.2
I was thinking about the failure to make an SSL connection. I wonder if GratisDNS may be dropping support for TLS lower than TLS 1.1 (many sites are, now).
How could I check which TLS versions are supported in our current FREESCO build?
This particular FREESCO runs 0.4.2, and we are using the openssl package openssl-0.9.7e-lightning .
Regards, Island