Hey
Somehow I have a Problem. If I send a HTTPoison GET request against a webpage using the AEAD-CHACHA20-POLY1305-SHA256
encryption I get an timeout.
Somehow not even an handshake issue.
The code i tried
defaults = :ssl.cipher_suites(:default, :"tlsv1.2")
rsa_kx =
:ssl.cipher_suites(:all, :"tlsv1.2")
|> :ssl.filter_cipher_suites(
key_exchange: &(&1 == :rsa),
cipher: &(&1 in [:aes_128_cbc, :aes_128_gcm, :aes_256_cbc, :aes_256_gcm])
)
options = [
ssl: [ciphers: defaults ++ rsa_kx],
timeout: 5_000,
recv_timeout: 5_000,
log_level: :debug
]
res = HTTPoison.get("url", headers, options)
IO.inspect(res)
defaults = :ssl.cipher_suites(:default, :"tlsv1.2") # (tried also with 1.3)
rsa_kx =
:ssl.cipher_suites(:all, :"tlsv1.2") # (tried also with 1.3)
options = [
ssl: [ciphers: defaults ++ rsa_kx],
timeout: 5_000,
recv_timeout: 5_000,
log_level: :debug
]
res = HTTPoison.get("url", headers, options)
IO.inspect(res)
and also tried the plain request without any changes. All dont work
somehow if i curl the url, all went fine, also if i use the fetch of nodejs.
now I am super stuck and have no clue how to continue. It could be the encryption or something else, but everything else i tried didnt change anything.
The headers are exactly the same
The httpoison resonse is:
{:error, %HTTPoison.Error{reason: :timeout, id: nil}}
Anything i could try or i miss? shouldnt the encryption already work?
Edit:
with the tlsv1.3
at least it seems like the encryption should be included
if i add :hackney_trace.enable(:max, :io)
i see
#{mac => aead,key_exchange => dhe_rsa,
cipher => chacha20_poly1305,prf => sha256},
in the list of {ciphers,
but still timeout