On Thu, May 21, 2015 at 10:33:27PM +0800, King Cao wrote:
> Many thanks for your help. The server only allows sepcifc IP, so I am
> afraid that internet can't acees this server. I will try to dump the
> package to compare it.
Yes, a packet dump of the handshake should tell the whole story.
Make sure to use "tcpdump -s0" so that you capture the full packet,
not just the TCP headers.
> So may I know if Exchange server will only pick one
> of 64 ciphers list provided by client? or there is the limitation on
> openssl client just sent out 64 cipher list during handshake?
Exchange 2003 ignores ciphers after the 64th in the TLS client
HELLO message. No such limitation in OpenSSL.
--
Viktor.
