- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
This workaround eliminates the redirection of http://nas-name-or-ip/admin to https://nas-name-or-ip/admin for NAS running 4.1.x firmware. It does require ssh to install.
Entering https://nas-name-or-ip/admin will still result in the mismatch error. However entering http://nas-name-or-ip/admin will not. Note this means that there is no encryption at all on the connection - so this is not something you want to deploy over the internet.
This change can coexist with a patch later on that installs TLS 1.2 (and of course it can be easily reversed).
The file that is modified is /etc/frontview/apache/Virtual.conf All that is needed is to comment out the rewrite engine rules. Changes are in blue.
#vers=2 <VirtualHost _default_:80> SSLEngine off # Eliminate HTTPS rewrite # RewriteEngine on # RewriteRule ^/admin/(.*)$ https://%{SERVER_NAME}/admin/$1 [R,L] # RewriteRule ^/admin$ https://%{SERVER_NAME}/admin # End Eliminate HTTPS rewrite </VirtualHost>
I suggest preserving the original as Virtual.conf.orig. Reboot the NAS after updating the file.
If you copy this file on a Windows system, make sure you paste it into a tool that can save the file using Unix end-of-line convention (for instance, Notepad++). With Notepad++, set Edit->EOL Conversion to Unix (LF) before saving.
Note this is a simplified version of an earlier workaround posted by @irae for 5.3.x (v2) NAS here: https://community.netgear.com/t5/Using-your-ReadyNAS-in-Business/ReadyNAS-NV-V2-TLS-Support-may-not-... @irae's version also disables SSL in httpd.conf That might be needed in the v2 NAS, but isn't needed in 4.1.x systems.