Hi, I am using openssl-0.9.6d to establish a secure web server. I am having some problems with the DES-CBC3-SHA (TLS_RSA_WITH_3DES_EDE_CBC_SHA)cipher suite. Details below:
Platform: Unix. - openssl req -x509 -new -keyout srvkey.pem -out srvcert.pem -days 365 -newkey rsa:1024 -nodes - openssl s_server -cert srvcert.pem -key srvkey.pem -cipher DES-CBC3-SHA -WWW (I intend to use only one cipher suite, DES-CBC3-SHA). - I create/copy a html file (say temp.html) to the directory where I ran the above commands. - I tried to connect from a browser using https://IP ADDRESS:PORT/temp.html (PORT=default)In Internet Explorer I get an error: "The page cannot be displayed". I get this error even after I install the certificate. In Netscape, I am able to install the certificate and successfully open the html page. This problem does not arise in openssl-0.9.6b version. This problem does not arise in openssl-0.9.6d, if I am using low encryption strengths (128 bit or 40 bit). I have read the CHANGES document (from 0.9.6b to 0.9.6d) and it mentions some changes (from 0.9.6b to 0.9.6c) for block cipher padding. I read the details of the new padding method in http://www.openssl.org/~bodo/tls-cbc.txt, but that didn't help much. Can anyone suggest a solution for my problem? -Umesh ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
