See also https://bugzilla.redhat.com/show_bug.cgi?id=533234
openssl s_client -connect phantom.dragonsdawn.net:5223
fails to get server hello message from the server. It's apparent that
the server is somehow broken but
gnutls-cli --protocols TLS1.0 --port 5223 dragonsdawn.net
gives a very similar client hello and it receives server hello fine.
The only way to get established ssl handshake openssl s_client is to use
the -ssl3 option. In some cases such as:
openssl s_client -tls1 -no_ticket -connect phantom.dragonsdawn.net:5223
server hello is returned (with a certificate) but the openssl s_client
for some reason does not recognize the certificate. This is suspicious
and it might mean the openssl implementation is buggy too.
--
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
