st
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Nounou Dadoun
Sent: Thursday, February 25, 2016 2:42 PM
To: openssl-users@openssl.org
Subject: [openssl-users] Failed TLSv1.2 handshake with error 67702888--bad
signature
I'm trying to troubles
I'm trying to troubleshoot some development code which is enabling TLSv1.1
and 1.2 and failing. Have an odd tls handshake failure, with an error number
that I can find any documentation about (is there any?) that indicates
"67702888--bad signature" which is being logged on the server side;
Update: after I disabled aes-gcm the server selected
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d) and the connection succeeded
(disabling aes-gcm also disabled the available ciphers with SHA384 so it's not
clear whether that was the culprit or not).
So things are working again but still not sure
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Failed TLSv1.2 handshake
On Mon, Dec 07, 2015 at 10:46:26PM +, Nounou Dadoun wrote:
> The cipher setting on the server is:
> SSL_CTX_set_cipher_list(pSslContext->GetNativeRef().impl(),
> "ALL:SEED:!EXPORT:!LOW:!DES:!RC4"
2015 11:44 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Failed TLSv1.2 handshake
Hi Viktor, thanks very much for taking a look, my plan now is to experiment
disabling ciphers until I figure out which one is causing some kind of mismatch
in TLS_RSA_WITH_AES_256_GCM_SHA384
Hi folks, running into a failed handshake problem -
Although we upgraded to openssl 1.0.2d last summer, we had never changed our
context setup from accepting any version other than TLSv1, i.e. (in boost)
m_context(pIoService->GetNative(), boost::asio::ssl::context::tlsv1)
When we recently
On Mon, Dec 07, 2015 at 10:46:26PM +, Nounou Dadoun wrote:
> The cipher setting on the server is:
> SSL_CTX_set_cipher_list(pSslContext->GetNativeRef().impl(),
> "ALL:SEED:!EXPORT:!LOW:!DES:!RC4");
Note, your cipher setting is likely not what you intend it to be,
instead try: