Issue
NOC-PS module can't establish a connection to the NOC-PS server. The module page shows following error message:
Error at NOC-PS Host 'xxx': error:1425F102:SSL routines:ssl_choose_client_version:unsupported protocol
Please verify the access details or disable the server at the WHMCS server configuration page.
The error occurs if you run WHMCS on an operating system which disables older TLS versions by default. For example CentOS 8.
Solution
Until NOC-PS integrates new TLS versions, there are 2 ways to solve the problem:
- Manual activation of older TLS versions on the WHMCS server.
- Installation of a reverse proxy, which forwards the connections to the NOC-PS server.
Recommended solution: Reverse Proxy
The use of a reverse proxy is recommended. For example, nginx in combination with Lets Encrypt is suitable for this purpose:
- Install a reverse proxy which forwards requests to your NOC-PS server.
- In the WHMCS server settings replace the address of the NOC-PS server with the address of the proxy.
Connections to the NOC-PS server are now possible again. These steps do not result in drawbacks.
Alternative solution: Activation of TLSv1
As an alternative to the reverse proxy, you can also enable older TLS versions on your server, allowing outgoing connections based on TLSv1.0. The exact steps vary depending on the operating system.
- Ubuntu / Debian: https://stackoverflow.com/a/61568390
For CentOS / RHEL, the same configuration adjustments should work. The openssl.cnf is located at /etc/pki/tls/openssl.cnf
After the configuration changes have been made, the webserver must be restarted (systemctl restart <service>).