Hello, it is a little bitte weird/strange/complicated;
On 02.11.2018 23:05, Matt Caswell wrote:
On 02/11/2018 21:51, Walter H. wrote:Hello, when I try to connect to https://www.3bg.at/ I get the following error Handshake with SSL server failed: error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message but https://www.ssllabs.com/ssltest/analyze.html?d=www.3bg.at says its ok ... is the problem on my side or on their side?You'll need to give us more information. I can connect to that server using OpenSSL 1.0.2 s_client. What version of OpenSSL are you using? Is this with your own application or from s_client? What ciphersuites have you configured? Any other relevant configuration that we should know about?
the mentioned error comes with squid - ssl-bump on;in case I switch it off and have it as normal proxy, then is really suspisious:
- an old Firefox (17.0.11esr) has no problems, the Sites is shown and works
- an older Google Chrome (the last one f. WinXP, v46) gives:
SSL connection error
ERR_SSL_PROTOCOL_ERROR
- a fork of the latest Pale Moon (Mypal) and an old Palemoon itself (the
last one f. WinXP) gives:
An error occurred during a connection to www.3bg.at.
Peer's certificate has an invalid signature.
(Error code: SEC_ERROR_BAD_SIGNATURE)
what is this strange?
but what does this mean at the mentioned SSLlabs result:
Certificate Transparency No
when I compare to any other site (e.g. my own with Let's encrypt
certificate),
I get Certificate Transparency *Yes (certificate)* is this caused on my side or on the other side? Thanks, Walter
smime.p7s
Description: S/MIME Cryptographic Signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
