> [[email protected] - Wed Dec 09 20:12:24 2009]: > > > However, I found that if I entered this command into OpenSSL: > > openssl s_client -starttls smtp -connect server.domain.com:587 -tls1 > > It worked and returned a collection of certificate information. I get the > impression that TLS can start unencrypted and then switch it up but is this > the real source of my problem, a lack of support in PHP for this > functionality? (See this post that gave me a clue -- > http://forums.devnetwork.net/viewtopic.php?f=52&t=96525#p531211) > > I'm no TLS/SSL expert so apologies if my terminology is wrong, I'm simply > trying to understand why my script isn't working. >
No it's more that SMTP (and several other protocols) can start unencrypted and then become encrypted over TLS. You typically have to send an appropriate command or commands to the server and after receiving an appropriate response switch over to TLS. For SMTP it is the STARTTLS command. The initial commands, response checking and switch over have to be part of the application itself. I'm not familiar with PHP and the OpenSSL language bindings so not sure how you'd do that. In any case this isn't a bug and shouldn't be sent to the bug tracker. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
