If I try to open a file from nextcloud, I get the following errors: Cannot get file info from WOPI storage uri [https://nextcloud.[censored]/index.php/apps/richdocuments/wopi/files/[censored]?access_token=[censored]&access_token_ttl=0&permission=edit]. Error: SSL Exception: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure| wsd/Storage.cpp:474 and Cannot get file info from WOPI storage uri [https://nextcloud.[censored]/index.php/apps/richdocuments/wopi/files/[censored]?access_token=[censored]&access_token_ttl=0&permission=edit]. Error: SSL Exception: error:14094410:SSL routines:ssl3_read_bytkit-20082-19463 2019-01-23 18:06:28.336603 [ loolkit ] WRN Kit connection lost without exit arriving from wsd. Setting TerminationFlag| kit/Kit.cpp:2202 It seems to try to connect to it using ssl3 (which is of course not allowed).
Never seen this error, which online and NC + Collabora Online app version is this?
Version: 6.0.10.18-18 Nextcloud: 15.0.2 Richdocuments app: 3.1.1 I guess the important things here are: TLS versions: 1.2 & 1.3 OpenSSL version: 1.1.0g / 1.1.1a (both versions can access it without any problem) Cipher Suites: # TLS 1.3 (suites in server-preferred order) TLS_AES_256_GCM_SHA384 ECDH x25519 TLS_CHACHA20_POLY1305_SHA256 ECDH x25519 TLS_AES_128_GCM_SHA256 ECDH x25519 # TLS 1.2 (suites in server-preferred order) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH x25519 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH x25519
Do you need something more? I can secretly provide urls and credentials if needed.
From what this error looks like this looks like an old/misconfigured version of openssl: https://github.com/paypal/adaptivepayments-sdk-php/issues/63, https://stackoverflow.com/questions/28291794/exception-error14094410ssl-routinesssl3-read-bytessslv3-alert-handshake-fai/28292548
I'm sorry, but I can't test with ssl3, because it is disabled in all my openssl versions
Some bugs related to sign in errors are really very common as the users are getting very frequently. They can also take help from https://supportphonenumberaustralia.com/blog/xbox-sign-in-error-0x87dd0006/ that will help to resolve easily.
What you posted is not related to the bug
Right, it's spam.
Both loolwsd (the HTTP/TLS server code in it) and libpoco (used by loolwsd when it it is acting as a HTTP/TLS client) hardcode a rather outdated openssl/TLS configuration (such as a 1024 bit DH group for ephemeral key exchange), which starts to be rejected by other clients / servers, respectively. This gives the same symptoms as the ones you report, and may be your problem. The patches that address that are: * https://gerrit.libreoffice.org/#/c/81090/ * https://github.com/pocoproject/poco/pull/2816
I have a similar problem. wsd-05144-05155 2019-11-08 13:11:45.111720 [ docbroker_001 ] ERR Cannot get file info from WOPI storage uri [https://nextcloud-test.locolandia.net/index.php/apps/richdocuments/wopi/files/15_ocdl64ir3fkt?access_token=mwW0y3vzcXK6MXjzpm5F3OP8UvVAjseM&access_token_ttl=0&permission=edit]. Error: SSL Exception: error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure| wsd/Storage.cpp:504 The only solution was to enable all the SSL ciphers and protocols. I don' want to have SSLv3 enabled on the server by default :( I'm using ubuntu package (Ubuntu 18.04 with OpenSSL 1.1.1): root@collabora:/opt# dpkg -l | grep lool ii loolwsd 4.0.8-2 amd64 LibreOffice Online WebSocket Daemon
A "workaround" possible without sacrificing security is to set the wopi storage url to a http://<domain>.localhost url and also host nextcloud there
Hi Cromefire_, this issue has been in UNCONFIRMED status for more than 6 months. Is this issue still reproducible with the latest version of LibreOffice Online ?
Yes it does work correctly now
Great, closing as WORKSFORME, thanks for the feedback!