Dr. Stephen Henson wrote: > > > openssl s_client -connect xxx.org:443
> > > and it should say if secure renegotiation is supported in > > > the output. > > Thanks for the tip! I tried, but I am afraid I cannot tell > > whether it is the case or not, based on this output. I tried > > on google.com:443 as well to be sure that was not because the > > other server, but I didn't find neither such info. Do you > > know what I must look for in the output of -connect ? > After the line saying "Server public key is xxx bit" you should > see: > Secure Renegotiation IS supported > or > Secure Renegotiation IS NOT supported > you need OpenSSL 1.0.0 or 0.9.8m or later to do this. Thanks. I had to compile a newer version than the one coming with Snow Leopard (which is just 0.9.8l :-p). And you're right, the server does not support the secure renegotiation. As Open SSL on that server is part of the system package management, I did prefer not to upgrade it by hand, but you put me on the correct way... I instead temporarily enabled SVN access through HTTP (anyway the content is readable by anyone). Thanks for your help, regards, -- Florent Georges http://www.fgeorges.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
