After new upgrade: Unknown cipher algo aes-256-ctr

Could you please post details about the version of PHP used and the version of OpenSSL installed on your system?

PHP 7.0
and it’s a “Let’s encrypt” certificate give by my provider OVH.com https://www.ovh.com/fr/ssl/
I don’t know how to give you the version…

Please create a .PHP file with ;

<?php echo phpinfo();?>

This will show you server-side info.

There is a section for openssl

openssl
OpenSSL support enabled
OpenSSL Library Version OpenSSL 1.0.1e-fips 11 Feb 2013

Also, maybe a .PHP file with

<?php var_dump(openssl_get_cipher_methods());

and posting these outputs could help.

Regards

2 Likes

Thanks, sorry… I don’t think about the phpinfo();

I’ve got :
OpenSSL support enabled
OpenSSL Library Version OpenSSL 0.9.8o 01 Jun 2010
OpenSSL Header Version OpenSSL 0.9.8o 01 Jun 2010
Openssl default config /usr/lib/ssl/openssl.cnf

and for openssl_get_cipher_methods();
array(102) { [0]=> string(11) "AES-128-CBC" [1]=> string(11) "AES-128-CFB" [2]=> string(12) "AES-128-CFB1" [3]=> string(12) "AES-128-CFB8" [4]=> string(11) "AES-128-ECB" [5]=> string(11) "AES-128-OFB" [6]=> string(11) "AES-192-CBC" [7]=> string(11) "AES-192-CFB" [8]=> string(12) "AES-192-CFB1" [9]=> string(12) "AES-192-CFB8" [10]=> string(11) "AES-192-ECB" [11]=> string(11) "AES-192-OFB" [12]=> string(11) "AES-256-CBC" [13]=> string(11) "AES-256-CFB" [14]=> string(12) "AES-256-CFB1" [15]=> string(12) "AES-256-CFB8" [16]=> string(11) "AES-256-ECB" [17]=> string(11) "AES-256-OFB" [18]=> string(6) "BF-CBC" [19]=> string(6) "BF-CFB" [20]=> string(6) "BF-ECB" [21]=> string(6) "BF-OFB" [22]=> string(9) "CAST5-CBC" [23]=> string(9) "CAST5-CFB" [24]=> string(9) "CAST5-ECB" [25]=> string(9) "CAST5-OFB" [26]=> string(7) "DES-CBC" [27]=> string(7) "DES-CFB" [28]=> string(8) "DES-CFB1" [29]=> string(8) "DES-CFB8" [30]=> string(7) "DES-ECB" [31]=> string(7) "DES-EDE" [32]=> string(11) "DES-EDE-CBC" [33]=> string(11) "DES-EDE-CFB" [34]=> string(11) "DES-EDE-OFB" [35]=> string(8) "DES-EDE3" [36]=> string(12) "DES-EDE3-CBC" [37]=> string(12) "DES-EDE3-CFB" [38]=> string(13) "DES-EDE3-CFB1" [39]=> string(13) "DES-EDE3-CFB8" [40]=> string(12) "DES-EDE3-OFB" [41]=> string(7) "DES-OFB" [42]=> string(8) "DESX-CBC" [43]=> string(10) "RC2-40-CBC" [44]=> string(10) "RC2-64-CBC" [45]=> string(7) "RC2-CBC" [46]=> string(7) "RC2-CFB" [47]=> string(7) "RC2-ECB" [48]=> string(7) "RC2-OFB" [49]=> string(3) "RC4" [50]=> string(6) "RC4-40" [51]=> string(11) "aes-128-cbc" [52]=> string(11) "aes-128-cfb" [53]=> string(12) "aes-128-cfb1" [54]=> string(12) "aes-128-cfb8" [55]=> string(11) "aes-128-ecb" [56]=> string(11) "aes-128-ofb" [57]=> string(11) "aes-192-cbc" [58]=> string(11) "aes-192-cfb" [59]=> string(12) "aes-192-cfb1" [60]=> string(12) "aes-192-cfb8" [61]=> string(11) "aes-192-ecb" [62]=> string(11) "aes-192-ofb" [63]=> string(11) "aes-256-cbc" [64]=> string(11) "aes-256-cfb" [65]=> string(12) "aes-256-cfb1" [66]=> string(12) "aes-256-cfb8" [67]=> string(11) "aes-256-ecb" [68]=> string(11) "aes-256-ofb" [69]=> string(6) "bf-cbc" [70]=> string(6) "bf-cfb" [71]=> string(6) "bf-ecb" [72]=> string(6) "bf-ofb" [73]=> string(9) "cast5-cbc" [74]=> string(9) "cast5-cfb" [75]=> string(9) "cast5-ecb" [76]=> string(9) "cast5-ofb" [77]=> string(7) "des-cbc" [78]=> string(7) "des-cfb" [79]=> string(8) "des-cfb1" [80]=> string(8) "des-cfb8" [81]=> string(7) "des-ecb" [82]=> string(7) "des-ede" [83]=> string(11) "des-ede-cbc" [84]=> string(11) "des-ede-cfb" [85]=> string(11) "des-ede-ofb" [86]=> string(8) "des-ede3" [87]=> string(12) "des-ede3-cbc" [88]=> string(12) "des-ede3-cfb" [89]=> string(13) "des-ede3-cfb1" [90]=> string(13) "des-ede3-cfb8" [91]=> string(12) "des-ede3-ofb" [92]=> string(7) "des-ofb" [93]=> string(8) "desx-cbc" [94]=> string(10) "rc2-40-cbc" [95]=> string(10) "rc2-64-cbc" [96]=> string(7) "rc2-cbc" [97]=> string(7) "rc2-cfb" [98]=> string(7) "rc2-ecb" [99]=> string(7) "rc2-ofb" [100]=> string(3) "rc4" [101]=> string(6) "rc4-40" }

Could you please open your ipconfig.php file and go to the bottom. There is a line ENCRYPTION_CIPHER=AES-256

Replace that line with ENCRYPTION_CIPHER=AES-256-CFB and try again.

You may also try to write the AES as lowercase letters: aes.

I can not do exactly that.
But I’m going into the configurations of my shared hosting and it works.

Thank you very much.

Why can’t you edit the ipconfig.php file?

Hi,

I’ve still got the same error as TechInfo.
Replacing the line (ENCRYPTION_CIPHER=AES-256) did not work…

php info:
openssl
OpenSSL support enabled
OpenSSL Library Version OpenSSL 0.9.8zh 14 Jan 2016
OpenSSL Header Version OpenSSL 0.9.8y 5 Feb 2013
Openssl default config /System/Library/OpenSSL/openssl.cnf

var_dump:
array(110) { [0]=> string(11) “AES-128-CBC” [1]=> string(11) “AES-128-CFB” [2]=> string(12) “AES-128-CFB1” [3]=> string(12) “AES-128-CFB8” [4]=> string(11) “AES-128-ECB” [5]=> string(11) “AES-128-OFB” [6]=> string(11) “AES-192-CBC” [7]=> string(11) “AES-192-CFB” [8]=> string(12) “AES-192-CFB1” [9]=> string(12) “AES-192-CFB8” [10]=> string(11) “AES-192-ECB” [11]=> string(11) “AES-192-OFB” [12]=> string(11) “AES-256-CBC” [13]=> string(11) “AES-256-CFB” [14]=> string(12) “AES-256-CFB1” [15]=> string(12) “AES-256-CFB8” [16]=> string(11) “AES-256-ECB” [17]=> string(11) “AES-256-OFB” [18]=> string(6) “BF-CBC” [19]=> string(6) “BF-CFB” [20]=> string(6) “BF-ECB” [21]=> string(6) “BF-OFB” [22]=> string(9) “CAST5-CBC” [23]=> string(9) “CAST5-CFB” [24]=> string(9) “CAST5-ECB” [25]=> string(9) “CAST5-OFB” [26]=> string(7) “DES-CBC” [27]=> string(7) “DES-CFB” [28]=> string(8) “DES-CFB1” [29]=> string(8) “DES-CFB8” [30]=> string(7) “DES-ECB” [31]=> string(7) “DES-EDE” [32]=> string(11) “DES-EDE-CBC” [33]=> string(11) “DES-EDE-CFB” [34]=> string(11) “DES-EDE-OFB” [35]=> string(8) “DES-EDE3” [36]=> string(12) “DES-EDE3-CBC” [37]=> string(12) “DES-EDE3-CFB” [38]=> string(13) “DES-EDE3-CFB1” [39]=> string(13) “DES-EDE3-CFB8” [40]=> string(12) “DES-EDE3-OFB” [41]=> string(7) “DES-OFB” [42]=> string(8) “DESX-CBC” [43]=> string(10) “RC2-40-CBC” [44]=> string(10) “RC2-64-CBC” [45]=> string(7) “RC2-CBC” [46]=> string(7) “RC2-CFB” [47]=> string(7) “RC2-ECB” [48]=> string(7) “RC2-OFB” [49]=> string(3) “RC4” [50]=> string(6) “RC4-40” [51]=> string(8) “SEED-CBC” [52]=> string(8) “SEED-CFB” [53]=> string(8) “SEED-ECB” [54]=> string(8) “SEED-OFB” [55]=> string(11) “aes-128-cbc” [56]=> string(11) “aes-128-cfb” [57]=> string(12) “aes-128-cfb1” [58]=> string(12) “aes-128-cfb8” [59]=> string(11) “aes-128-ecb” [60]=> string(11) “aes-128-ofb” [61]=> string(11) “aes-192-cbc” [62]=> string(11) “aes-192-cfb” [63]=> string(12) “aes-192-cfb1” [64]=> string(12) “aes-192-cfb8” [65]=> string(11) “aes-192-ecb” [66]=> string(11) “aes-192-ofb” [67]=> string(11) “aes-256-cbc” [68]=> string(11) “aes-256-cfb” [69]=> string(12) “aes-256-cfb1” [70]=> string(12) “aes-256-cfb8” [71]=> string(11) “aes-256-ecb” [72]=> string(11) “aes-256-ofb” [73]=> string(6) “bf-cbc” [74]=> string(6) “bf-cfb” [75]=> string(6) “bf-ecb” [76]=> string(6) “bf-ofb” [77]=> string(9) “cast5-cbc” [78]=> string(9) “cast5-cfb” [79]=> string(9) “cast5-ecb” [80]=> string(9) “cast5-ofb” [81]=> string(7) “des-cbc” [82]=> string(7) “des-cfb” [83]=> string(8) “des-cfb1” [84]=> string(8) “des-cfb8” [85]=> string(7) “des-ecb” [86]=> string(7) “des-ede” [87]=> string(11) “des-ede-cbc” [88]=> string(11) “des-ede-cfb” [89]=> string(11) “des-ede-ofb” [90]=> string(8) “des-ede3” [91]=> string(12) “des-ede3-cbc” [92]=> string(12) “des-ede3-cfb” [93]=> string(13) “des-ede3-cfb1” [94]=> string(13) “des-ede3-cfb8” [95]=> string(12) “des-ede3-ofb” [96]=> string(7) “des-ofb” [97]=> string(8) “desx-cbc” [98]=> string(10) “rc2-40-cbc” [99]=> string(10) “rc2-64-cbc” [100]=> string(7) “rc2-cbc” [101]=> string(7) “rc2-cfb” [102]=> string(7) “rc2-ecb” [103]=> string(7) “rc2-ofb” [104]=> string(3) “rc4” [105]=> string(6) “rc4-40” [106]=> string(8) “seed-cbc” [107]=> string(8) “seed-cfb” [108]=> string(8) “seed-ecb” [109]=> string(8) “seed-ofb” }

Are there any other solutions?
Thank you in advance

Regards

And this is the error in the log file:

ERROR - 2017-08-23 15:23:54 --> Severity: error --> Exception: Cryptor:: - unknown cipher algo aes-256-ctr /Applications/MAMP/htdocs/ip/application/libraries/Cryptor.php 64

Sorry, Kovah, I did not see your answer + soon … I can not edit the ipconfig.php file because I’m on a shared server at OVH.
… I’m sorry, i read another file twice…

I seem to have regenerated the SSL certificate to solve the worry.

But I’m not sure, my memory goes: ’

Lairel > Can you try this ? :-/

It works! Thank you so much :smiley: I was using MAMP and used this article -> https://gist.github.com/jfloff/5138826 <-

Hello,
i have the same problem with these error.

OpenSSL support enabled
OpenSSL Library Version OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
OpenSSL Header Version OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Openssl default config /etc/pki/tls/openssl.cnf

1array(98) { [0]=> string(11) “AES-128-CBC” [1]=> string(11) “AES-128-CFB” [2]=> string(12) “AES-128-CFB1” [3]=> string(12) “AES-128-CFB8” [4]=> string(11) “AES-128-ECB” [5]=> string(11) “AES-128-OFB” [6]=> string(11) “AES-192-CBC” [7]=> string(11) “AES-192-CFB” [8]=> string(12) “AES-192-CFB1” [9]=> string(12) “AES-192-CFB8” [10]=> string(11) “AES-192-ECB” [11]=> string(11) “AES-192-OFB” [12]=> string(11) “AES-256-CBC” [13]=> string(11) “AES-256-CFB” [14]=> string(12) “AES-256-CFB1” [15]=> string(12) “AES-256-CFB8” [16]=> string(11) “AES-256-ECB” [17]=> string(11) “AES-256-OFB” [18]=> string(6) “BF-CBC” [19]=> string(6) “BF-CFB” [20]=> string(6) “BF-ECB” [21]=> string(6) “BF-OFB” [22]=> string(9) “CAST5-CBC” [23]=> string(9) “CAST5-CFB” [24]=> string(9) “CAST5-ECB” [25]=> string(9) “CAST5-OFB” [26]=> string(7) “DES-CBC” [27]=> string(7) “DES-CFB” [28]=> string(8) “DES-CFB1” [29]=> string(8) “DES-CFB8” [30]=> string(7) “DES-ECB” [31]=> string(7) “DES-EDE” [32]=> string(11) “DES-EDE-CBC” [33]=> string(11) “DES-EDE-CFB” [34]=> string(11) “DES-EDE-OFB” [35]=> string(8) “DES-EDE3” [36]=> string(12) “DES-EDE3-CBC” [37]=> string(12) “DES-EDE3-CFB” [38]=> string(12) “DES-EDE3-OFB” [39]=> string(7) “DES-OFB” [40]=> string(8) “DESX-CBC” [41]=> string(10) “RC2-40-CBC” [42]=> string(10) “RC2-64-CBC” [43]=> string(7) “RC2-CBC” [44]=> string(7) “RC2-CFB” [45]=> string(7) “RC2-ECB” [46]=> string(7) “RC2-OFB” [47]=> string(3) “RC4” [48]=> string(6) “RC4-40” [49]=> string(11) “aes-128-cbc” [50]=> string(11) “aes-128-cfb” [51]=> string(12) “aes-128-cfb1” [52]=> string(12) “aes-128-cfb8” [53]=> string(11) “aes-128-ecb” [54]=> string(11) “aes-128-ofb” [55]=> string(11) “aes-192-cbc” [56]=> string(11) “aes-192-cfb” [57]=> string(12) “aes-192-cfb1” [58]=> string(12) “aes-192-cfb8” [59]=> string(11) “aes-192-ecb” [60]=> string(11) “aes-192-ofb” [61]=> string(11) “aes-256-cbc” [62]=> string(11) “aes-256-cfb” [63]=> string(12) “aes-256-cfb1” [64]=> string(12) “aes-256-cfb8” [65]=> string(11) “aes-256-ecb” [66]=> string(11) “aes-256-ofb” [67]=> string(6) “bf-cbc” [68]=> string(6) “bf-cfb” [69]=> string(6) “bf-ecb” [70]=> string(6) “bf-ofb” [71]=> string(9) “cast5-cbc” [72]=> string(9) “cast5-cfb” [73]=> string(9) “cast5-ecb” [74]=> string(9) “cast5-ofb” [75]=> string(7) “des-cbc” [76]=> string(7) “des-cfb” [77]=> string(8) “des-cfb1” [78]=> string(8) “des-cfb8” [79]=> string(7) “des-ecb” [80]=> string(7) “des-ede” [81]=> string(11) “des-ede-cbc” [82]=> string(11) “des-ede-cfb” [83]=> string(11) “des-ede-ofb” [84]=> string(8) “des-ede3” [85]=> string(12) “des-ede3-cbc” [86]=> string(12) “des-ede3-cfb” [87]=> string(12) “des-ede3-ofb” [88]=> string(7) “des-ofb” [89]=> string(8) “desx-cbc” [90]=> string(10) “rc2-40-cbc” [91]=> string(10) “rc2-64-cbc” [92]=> string(7) “rc2-cbc” [93]=> string(7) “rc2-cfb” [94]=> string(7) “rc2-ecb” [95]=> string(7) “rc2-ofb” [96]=> string(3) “rc4” [97]=> string(6) “rc4-40” }

i hope you can help me

Have you regenerated the SSL certificate ?

Hello @TechInfo,

I’m facing the same issue than you but the fix you provided ended up not solving anything…

  1. I’ve tried to change manually the ipconfig.php file to look like this
ENCRYPTION_CIPHER=AES-256-CFB
  1. or this
ENCRYPTION_CIPHER=aes-256
  1. As I’m also hosted by OVH, I’ve tried to regenerate SSL but here too not helping the issue.

Do you remember doing anything else to get it back to work ?

Thanks in advance :slight_smile:

Tim’

Hi, sorry for the moment… @timdlp

Big work.

What’s your PHP and OpenSSL version?

Hello,

Thanks for your answer, I’m with PHP 7.0.25 and OpenSSL/0.9.8o

I’ve found a workaround by manually changing some stuff in the Cryptor.php file but I’m pretty sure that’s the wrong way to do :slight_smile:

I advise you to immediately update your OpenSSL version to 1.0.2 or 1.1.0 as your version is out of date and thus extremely vulnerable.
See /policies/releasestrat.html

Sorry for up,
but for OVH Hosting,
you sould have at the root of the site a .ovhconfig file like this :

app.engine=php
app.engine.version=7.2
http.firewall=security
environment=production
container.image=stable

OpenSSL go to the 1.0.1k (TLS1.2 compatible)

I had the same problem at OVH. You must remove the .ovhconfig at the root of the site.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.