Difference between revisions of "OFTP2 - BMW CURL errors"
Jump to navigation
Jump to search
(Created page with "= Version history = *2018-02-23: First writing of this document = Background = OS4X may log massively in the OS4X's system log the following messages: CURL error 56 while...") |
|||
| Line 5: | Line 5: | ||
OS4X may log massively in the OS4X's system log the following messages: | OS4X may log massively in the OS4X's system log the following messages: | ||
| − | CURL error 56 while fetching CRL from URL | + | CURL error 56 while fetching CRL from URL http://sslcrl.bmwgroup.net/pki/BMW%20Group%20Issuing%20CA%20SSL1.crl: Failure when receiving data from the peer; HTTP code 0, check proxy settings |
[[File:Google ChromeScreenSnapz473.png]] | [[File:Google ChromeScreenSnapz473.png]] | ||
Latest revision as of 09:27, 23 February 2018
Version history
- 2018-02-23: First writing of this document
Background
OS4X may log massively in the OS4X's system log the following messages:
CURL error 56 while fetching CRL from URL http://sslcrl.bmwgroup.net/pki/BMW%20Group%20Issuing%20CA%20SSL1.crl: Failure when receiving data from the peer; HTTP code 0, check proxy settings
This error occurs since the given URL is not publically available from the internet. The URL comes from a certificate of BMW, which is contained in the Odette's TSL. OS4X scans all certificates for new CRL URLs, so we have to define not to re-enable the URL again, and afterwards disable the corresponding CRL URL.
Solution
Step 1: disable automatic reactivation of CRLs
Navigate to "Configuration" -> "TLS" and activate the checkbox "Disable automatic reactivation of CRLs":
Save this config afterwards.
Step 2: disable the corresponding CRL entries
Navigate to "Certificates" -> "Revocation lists" and disable the entries which cannot be downloaded by clicking on the second icon entitled by a tooltip "Activate/Deactivate":
