On Oct 31, 2014, at 10:01 AM, Quinn The Eskimo! <eski...@apple.com> wrote:
>
> On 31 Oct 2014, at 16:58, Mitchell Laurren-Ring <li...@rynosoft.com> wrote:
>
>> Calling SSLSetProtocolVersionEnabled with kTLSProtocol1Only gives me an -50
>> error. kSSLProtocolAll gives me error 0.
>
> No, I mean try forcing TLS 1.0 on the /client/. IIRC the server side of
> Secure Transport has problems negotiating down from TLS 1.2 to TLS 1.0.
>
> One option here is to use the OS X built-in version of
> <x-man-page://1/s_client>, which uses an old version of OpenSSL that doesn't
> support TLS 1.2.
Very good. If I don’t specify the protocol with s_client, I get the same
SSL-session info as when I use -tls1. I’m able to send from s_client, receive
in my server code, respond from server code and receive that response in
s_client.
So, given that my clients are web browsers, what are my options?
>
>> FYI, I’m using the OS X 10.6 SDK because I’m stuck in Xcode 3.2.6.
>
>
> Why are you stuck on Xcode 3.2.6?
>
The answer to that question is very complex but suffice to say that I have been
working for several years to move our code forward to the current toolset.
Unfortunately, I have not reached that goal yet due to a variety of issues over
which I have no control (management, QA, etc).
/Mick
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (Macnetworkprog@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com
This email sent to arch...@mail-archive.com
