On Wed, Oct 22, 2014 at 11:16:37PM +0200, Florian Weimer wrote:
>
> I'll try to reproduce this, but in the meantime, could you attempt to
> connect with
>
> openssl s_client -connect dest-wheezy.example.com:443 -no_ssl2
>
> from the squeeze box? It would be interesting to know if this
> succeeds or not.
It does succeed:
[[
CONNECTED(00000003)
<snip>
SSL handshake has read 3311 bytes and written 293 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
<snip>
]]
The opposite direction also works:
openssl s_client -connect dest-squeeze.example.com:443 -no_ssl2
[[
CONNECTED(00000003)
<snip>
SSL handshake has read 3311 bytes and written 506 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
<snip>
]]
If it would ease your testing, I can mail you the address of a
squeeze box.
-jose
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
