New user to tt-rss, I am having an issue with feeds that are hosted behind Cloudflare CDN w/ SSL.
It seems that they force very stringent ciphers which requires setting one of the few supported ciphers (on Centos 6.7) as a curl_setopt.
I've been able to add the following line to tt-rss/include/functions.php (on line 370 or so), which resolves the issue.
Code: Select all
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, 'ecdhe_ecdsa_3des_sha');
To be fair to tt-rss, this is not a bug with your code, but a lack of default ciphers in NSS. The above cipher is one of the few in the list that Cloudflare supports.
It presents as the SSL connect error 35, but other fixes in the forums don't account for this particular scenario.
Relevant info here: https://bugzilla.redhat.com/show_bug.cgi?id=527771
Here are the versions of relevant packages, if you can think of a better way to handle this issue.
Code: Select all
nss-3.19.1-8.el6_7.x86_64
openssl-1.0.1e-42.el6_7.2.x86_64
curl-7.19.7-46.el6.x86_64
libcurl-7.19.7-46.el6.x86_64