Hello Steve, On Wednesday, 14. January 2009 11:29:07 Dr. Stephen Henson wrote: > > # openssl s_client -ssl3 -connect update.intranator.com:443 > > CONNECTED(00000003) > > 31738:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake > > failure:s3_pkt.c:1060:SSL alert number 40 31738:error:1409E0E5:SSL > > routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:530: > > > > Is something wrong with my certificates or could > > this be a regression with openssl 0.9.8j? > > > > "-ssl2" and "-tls1" works fine. Also does openssl version 0.9.8i. > > Try it with the -no_ticket option. Some servers have problems with SSL/TLS > extensions and these were enabled by default in 0.9.8j. You can also > disable extensions by compiling with the no-tlsext option.
Thanks for your rpely, "-no_ticket" seems to work. The server is running openssl-0.9.7a from Centos/RHEL 3 including the distribution specific patches. Is openssl 0.9.7a known to be incompatible? Guess I'll try the "no-tlsext" option next. Thanks, Thomas ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
