mediawiki 1.34.2 / parsoid 0.11.0all from the mw-repo on ubuntu 20.04, served by apache. apache redirects all non-https-requests to https, with
sslprotocol all -SSLv3 -TLSv1 -TLSv1.1 -TLSv1.2
in the apache configuration i'm getting an
"Error loading data from server: apierror-visualeditor-docserver-http-error: http-bad-status. Would you like to retry?
" error msg when trying to use visualeditor. in the logs:
{"name":"parsoid","hostname":"whatever","pid":483060,"level":60,"logType":"fatal/request","wiki":"wiki$0","title":"whatever", "oldId":null,"reqId":"d960f833d976986e93c7afeb","userAgent":"VisualEditor-MediaWiki/1.34.2","msg":"Template Fetch failure for \"whatever\": Error: write EPROTO 140430689695552:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70\n","stack":"Error: Template Fetch failure for \"whatever\": Error: write EPROTO 140430689695552:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70\n\n at TemplateRequest.ApiRequest._requestCB (/usr/lib/parsoid/src/lib/mw/ApiRequest.js:414:15)\n at Request.request [as _callback] (/usr/lib/parsoid/src/lib/mw/ApiRequest.js:332:35)\n at self.callback (/usr/lib/parsoid/node_modules/request/request.js:185:22)\n at Request.emit (events.js:198:13)\n at Request.onRequestError (/usr/lib/parsoid/node_modules/request/request.js:877:8)\n at ClientRequest.emit (events.js:203:15)\n at TLSSocket.socketErrorListener (_http_client.js:401:9)\n at TLSSocket.emit (events.js:198:13)\n at errorOrDestroy (internal/streams/destroy.js:107:12)\n at onwriteError (_stream_writable.js:436:5)\n at onwrite (_stream_writable.js:461:5)\n at _destroy (internal/streams/destroy.js:49:7)\n at TLSSocket.Socket._destroy (net.js:614:3)\n at TLSSocket.destroy (internal/streams/destroy.js:37:8)\n at WriteWrap.afterWrite [as oncomplete] (net.js:791:10)","longMsg":"Template Fetch failure for \"whatever\": Error: write EPROTO 140430689695552:error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version:../ssl/record/rec_layer_s3.c:1543:SSL alert number 70\n","levelPath":"fatal/request","time":"2020-07-01T15:11:18.900Z","v":0}
… removing -TLSv1.2 from the sslprotocol-config causes it to work as expected.