On 06-01-13 13:06, Chris Knight wrote: > So just to give an update on this, > > After receiving a tip off I managed to get a work around for this issue. It > turns out the problem was to do with using libcurl and openssl because when > I use polarssl there is no problem. > > I tried figuring out exactly what the issue was but given ssl is not my area > of expertise I can't dig too deep before I get a little bit lost, just > thought I should let people know that there is a way round the issue if they > come across it. > > Chris
Hi Chris,
Could you test with an OpenSSL build curl and test with the following cipher
list:
"ALL:!ECDH" as --ciphers option (mind the ! sign on the command line) or set
an explicit cipher list with curl_{easy,multi,share}_setopt()
CURLOPT_SSL_CIPHER_LIST.
Last year we had a problem with OpenSSL and Java services unable to talk to
each other because of the preference of ECDH and it being borked in java.
Yet another option is setting CURLOPT_SSL_OPTIONS with the
CURLSSLOPT_ALLOW_BEAST option or the --ssl-allow-beast option.
I'm interested to know if either of these worked and also the server
version. You mentioned IIS, but I didn't find which flavor/version of it you
are using.
Oscar
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
