Hi again!
I am trying to verify* "Your old version of OpenSSL may not necessarily
recognize the keywords you're passing in, and might very well ignore
them."*but have not found a way yet.
I however did try running OpenSSL's s_server (which I had not run before) to
try and narrow down the problem. And still DES-CBC-MD5 did not work, so you
might well be right about *"So, for DES-CBC-MD5 cipher to be accepted, you
might need to install an SSL certificate that's hashed with MD5, instead of
SHA1." *I'm now looking for the option to hash the certificate with MD5
instead of SHA1 (with no luck so far). I really hope this fixes it though.
I'm running OpenSSL 0.9.6l on another laptop and that does list MD5 as well,
maybe you're running one newer than mine.
I appreciate your help.
Shehab.
On 26 February 2010 17:01, Sam Varshavchik <[email protected]> wrote:
> Shehab Kazi writes:
>
> Hi!
>> Is there any other way to find out if Courier is in fact passing along the
>> selected configuration to OpenSSL?
>>
>> I'm curious as to how can running OpenSSL 0.9.6c cause this problem?
>>
>
> You are reading the documentation for the current version of OpenSSL, on
> the web, but you are using a prehistoric beast that's almost ten years old.
> OpenSSL 0.9.6c was released in December of 2001.
>
> Your specified cipher list is passed, verbatim, to OpenSSL. Your old
> version of OpenSSL may not necessarily recognize the keywords you're passing
> in, and might very well ignore them.
>
> Another thought that occured to me is that the last component of the
> cipher, 'MD5', probably specifies the certificate hash function, I think.
> All current versions of OpenSSL likely have support for MD5 compiled out,
> hence why I do not see it listed.
>
> So, for DES-CBC-MD5 cipher to be accepted, you might need to install an SSL
> certificate that's hashed with MD5, instead of SHA1.
>
>
>
>
> ------------------------------------------------------------------------------
> Download Intel® Parallel Studio Eval
> Try the new software tools for yourself. Speed compiling, find bugs
> proactively, and fine-tune applications for parallel performance.
> See why Intel Parallel Studio got high marks during beta.
> http://p.sf.net/sfu/intel-sw-dev
> _______________________________________________
> courier-users mailing list
> [email protected]
> Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
>
>
------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
