Rajesh Malepati wrote > On Wed, Jul 24, 2013 at 9:30 PM, kirpit <
> kirpit@ > > wrote: > > The server doesn't seem to care to respond to clients supporting TLS 1.2 > > ok: > openssl s_client -tls1 -connect emea.webservices.travelport.com:443 > > no reply: > openssl s_client -tls1_2 -connect emea.webservices.travelport.com:443 > > such servers should be beaten to pulp. Hi, I ran into the same problem and then came across this thread. According to http://tools.ietf.org/html/rfc5246#appendix-E: "A TLS 1.2 client who wishes to negotiate with such older servers will send a normal TLS 1.2 ClientHello, containing { 3, 3 } (TLS 1.2) in ClientHello.client_version. If the server does not support this version, it will respond with a ServerHello containing an older version number." Why then the server isn't responding at all to the Client Hello for TLS1.2? Is this expected behavior with OpenSSL 1.0.1e? If it is, then this would need to be fixed as it is not compliant with the RFC. -- View this message in context: http://openssl.6102.n7.nabble.com/connection-problem-with-the-version-1-0-1e-tp45935p46868.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
