[GH-ISSUE #1489] resolved: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate #1133

Open
opened 2026-05-05 07:31:22 -06:00 by gitea-mirror · 4 comments

Originally created by @jharvell on GitHub (Dec 28, 2021).
Original GitHub issue: https://github.com/debauchee/barrier/issues/1489

What happened?

After upgrading on Gentoo Linux (server) from x11-misc/barrier-2.3.3 to x11-misc/barrier-2.4.0, the server now complains every time it gets a connection from the client (Windows 10 2.3.3-release-3395cca9) with the following messages:

```
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: failed to accept secure socket
```

No connection is established.

Version

v2.4.0

Git commit hash (if applicable)

No response

If applicable, where did you install Barrier from?

Gentoo Linux package version x11-misc/barrier-2.4.0

What OSes are you seeing the problem on? (Check all that apply)

Linux

What OS versions are you using?

Gentoo Linux (server) and Windows 10 (client)

Relevant log output

```shell
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: failed to accept secure socket
```

Any other information

This problem happened after upgrading lots of packages (including x11-misc/barrier) on the Gentoo Linux system.


@jharvell commented on GitHub (Dec 28, 2021):

Barrier command line:

```
/usr/bin/barriers --config .local/share/barrier/barrier.conf --no-daemon --address [::] --enable-crypto --name wolfhound --debug NOTE
```

```
jharvell@wolfhound SSL$ cat ~/.local/share/barrier/barrier.conf
section: screens
wolfhound:
ALN-jharvell:
end

section: links
wolfhound:
right = ALN-jharvell
ALN-jharvell:
left = wolfhound
end

jharvell@wolfhound SSL$ ls -l ~/.local/share/barrier/SSL
total 8
-rw-r----- 1 jharvell wolfhoundkeys 5219 19 août 2020 Barrier.pem
```


@jharvell commented on GitHub (Dec 28, 2021):

I start barriers with the following systemd service file that I wrote:

```
jharvell@wolfhound system$ cat barrier.service
[Unit]
Description=Barrier Virtual Desktop
Wants=network.target
After=network.target

[Service]
Type=simple
User=jharvell
Group=jharvell
WorkingDirectory=~
StandardOutput=journal
StandardError=journal
StandardInput=null
ExecStart=/usr/bin/barriers --config .local/share/barrier/barrier.conf --no-daemon --address [::] --enable-crypto --name wolfhound --debug NOTE
Restart=always

[Install]
WantedBy=multi-user.target
```


@jharvell commented on GitHub (Dec 31, 2021):

This was happening because the client was running 2.3.3 and did not try to send a certificate. I resolved this by upgrading the client and also adding the client certificate fingerprint to ~/.local/share/barrier/SSL/Fingerprints/TrustedClients.txt as described in https://github.com/debauchee/barrier/issues/1414 . I also ditched the custom systemd service I wrote to start it and use the GUI.

The only change needed is probably to document the format of the TrustedClients.txt file. Thanks.


@ssk101 commented on GitHub (Jan 7, 2022):

I am still getting a seemingly related error intermittently with `2.4.0-release-3e0d758b` on both my win11 server and mac client. Client connects to the server just fine, and `Enable SSL` and `Require client certificate` are both toggled on for the server and client. After accepting the certificate and successfully connecting, it started occurring and causing a ~1s cursor freeze on the mac client.

```
ERROR: ssl error occurred (generic failure)
ERROR: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
ERROR: failed to accept secure socket
```

I'm not running any process on either server or client with cli arguments, nor am I loading a custom config.

Might this be a win11 thing or an issue with my OpenSSL configuration on the win11 server?

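Added example (not part of the original thread and not Barrier's code): the two OpenSSL error strings quoted in this issue, decoded with the pre-3.0 error-code layout to show that both carry the same reason code (199, peer did not return a certificate) from library 20 (SSL) and differ only in the reporting function. The helper names `decode`, `parse_line` and `client_cert_failures` are hypothetical; the sample log is constructed from the lines quoted in the comments above.

```python
import re

# OpenSSL before 3.0 packs an error code as:
#   library (8 bits) | function (12 bits) | reason (12 bits)
# OpenSSL 3.0 changed this layout, so this decoder applies only to
# 8-hex-digit codes that include a function name, as seen in this thread.
ERR_LIB_SSL = 20                               # ERR_LIB_SSL in <openssl/err.h>
SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE = 199  # value in <openssl/sslerr.h>

# error:<code>:<library name>:<function name>:<reason text>
ERR_LINE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):(.*)$")

# Constructed sample: the log lines quoted in this issue.
SAMPLE_LOG = """\
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: error:1417C0C7:SSL routines:tls_process_client_certificate:peer did not return a certificate
déc. 28 12:35:28 wolfhound barriers[1475]: [2021-12-28T12:35:28] ERROR: failed to accept secure socket
ERROR: ssl error occurred (generic failure)
ERROR: error:140890C7:SSL routines:ssl3_get_client_certificate:peer did not return a certificate
ERROR: failed to accept secure socket
"""

def decode(code_hex):
    """Split a pre-3.0 OpenSSL error code into its numeric fields."""
    code = int(code_hex, 16)
    return {"lib": (code >> 24) & 0xFF,
            "func": (code >> 12) & 0xFFF,
            "reason": code & 0xFFF}

def parse_line(line):
    """Return decoded fields for an OpenSSL error line, or None for other lines."""
    m = ERR_LINE.search(line)
    if m is None:
        return None
    event = decode(m.group(1))
    event["func_name"] = m.group(3)
    event["reason_text"] = m.group(4).strip()
    # Server asked for a client certificate and the peer sent none.
    event["client_cert_missing"] = (
        event["lib"] == ERR_LIB_SSL
        and event["reason"] == SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE)
    return event

def client_cert_failures(log_text):
    """Collect every 'peer did not return a certificate' event in a log."""
    events = (parse_line(line) for line in log_text.splitlines())
    return [e for e in events if e and e["client_cert_missing"]]

if __name__ == "__main__":
    for e in client_cert_failures(SAMPLE_LOG):
        print(e["func_name"], hex(e["func"]), "reason", e["reason"])
```

Matching on the numeric library and reason fields rather than the function name lets one rule catch the failure regardless of which OpenSSL function reported it.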
Reference: github-starred/barrier#1133