> IIRC the behaviour is different in the forthcoming OpenSSL 1.1.0. In
> that version the client does not fix its version to the session version.
> The client remains version flexible - if the server does not wish to use
> the same version as was in the session then they can still negotiate a
>
We are using session resumption with openssl, and to support that we are
storing sessions in a file.
On the server side the allowed TLS version can be configured and server admin
can change it. It can
be changed for example to allow only TLS 1.2. The problem is that if the client
has SSL
We are using session resumption with openssl, and to support that we are
storing sessions in a file.
On the server side the allowed TLS version can be configured and server admin
can change it. It can
be changed for example to allow only TLS 1.2. The problem is that if the client
has SSL
Please ignore this message. This was happening because client was using saved
session information to connect.
From: openssl-users <openssl-users-boun...@openssl.org> on behalf of Prabhat
Puroshottam <prabhat.puroshot...@outlook.com>
Sent: Monday, Jun
Hi,
We have client and server software both using openssl. I am using the following
on the server side,
c = SSL_CTX_new (TLSv1_2_server_method ());
SSL_CTX_set_options(INTERNAL(bi)->context,
SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_NO_TICKET);
>From the client side I am using this:
c =
Hi,
We have software product which allows for Clients (C) to communicate with
Agents (A) via a Proxy server (P). Client, Proxy and Agent all are part of our
product suite. The data transferred can even be in Gigabytes (which actually
are large files being transferred). Multiple client can
Hi,
I think my last email was somehow lost in transition between the mail
servers so I am starting afresh if somebody can help. If you have
already taken pains to read through this mail, kindly skip to the bottom
of the mail. Thanks for your patience.
First let me state upfront that I am
Why do you say it shouldn't matter? The new Java proxy server is most likely
the cause. Do some packet captures, between ClientAgent and ClinetProxy.
L ook at the timing, and see if the client ends up waiting for packets from
the proxy.
Sorry may be I wasn't able to convey it. The java
So the differnce here is that jave picks a DHE ciphersuite while
otherwise you didn't. DHE gives you forward secrecy but is
slower.
Being relatively new to OpenSSL and security programming in general,
obviously I need to read into these, but could it cause the delay in
sending ServerHello by
So the differnce here is that jave picks a DHE ciphersuite while
otherwise you didn't. DHE gives you forward secrecy but is
slower.
Being relatively new to OpenSSL and security programming in general,
obviously I need to read into these, but could it cause the delay in
sending ServerHello by
I am trying to summarize the problem again, since the previous
mail seems confusing to some of you. It might help you quickly understand
the problem I am facing:
We have a product, where Client connects to Server (Proxy Server in my
earlier mail). Client is implemented in C and uses OpenSSL,
Date: Thu, 18 Dec 2014 22:36:08 +0100
From: k...@roeckx.be
To: openssl-users@openssl.org
Subject: Re: [openssl-users] OpenSSL performance issue
On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote
Date: Thu, 18 Dec 2014 22:36:08 +0100
From: k...@roeckx.be
To: openssl-users@openssl.org
Subject: Re: [openssl-users] OpenSSL performance issue
On Fri, Dec 19, 2014 at 02:30:07AM +0530, Prabhat Puroshottam wrote
Hi,
First let me state upfront that I am relatively very new to OpenSSL.
Also please forgive me if this is not the correct mailing list for this issue.
We have a product which uses OpenSSL to connect and transfer
application level data. There are two ways to connect, and get the application
14 matches
Mail list logo