> From: owner-openssl-us...@openssl.org On Behalf Of Matthias Apitz > Sent: Sunday, 07 October, 2012 02:36
> El día Saturday, October 06, 2012 a las 01:37:06PM -0400, > Indtiny s escribió: > > > Hi, > > Thanks for the information .. I get the server part from > the this link > > http://www.rtfm.com/openssl-examples/ > > I started the server but I am getting the following error > when I am trying > > You did not say exactly which 'server' you started, perhaps the > 'wserver' from the openssl-examples-20020110 > > > run the client by $curl http://127.0.0.1:8080 > > you should use an SSL client, for example 'wclient' from the > examples or > the openssl' s_client; > Or, if it's a web/https server, curl with https://whatever . Aside: port 8080 for https is confusing, that's often used (though not reserved) for http-clear. 8443 would be better. > > > > AT the server side : > > > > 3078153864:error:140EC0AF:SSL > routines:SSL2_READ_INTERNAL:non sslv2 initial > > packet:s2_pkt.c:187: > > I think this is normal, because you did not contacted the server with > some SSL client; > Also it appears this server is doing only SSLv2. That's a bad idea nowadays; although SSLv2 was thought good enough in its day, flaws have since been found; some clients (notably Java) and most if not all scans (and checklists) may refuse it, or at least warn noisily. Get a server that does at least SSLv3, and TLSv1.0 is better. TLSv1.1 or v1.2 is better yet, but in openssl only in 1.0.1, and not yet too widespread in clients. (Of course openssl server can support a range, selecting whatever each client needs.) > > > > At the client side : > > > > curl: (56) Recv failure: Connection reset by peer > > normal too; > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
