subject:"\[openssl.org #2687\] OpenSSL 1.0.1\-beta1 sends certificate_verify in ServerHello and breaks Java 1.6.x clients, Firefox, and Chrome"

[openssl.org #2687] OpenSSL 1.0.1-beta1 sends certificate_verify in ServerHello and breaks Java 1.6.x clients, Firefox, and Chrome

2012-01-18 Thread Ivan Ristic via RT

I am testing a Java 1.6.x SSL client against Apache httpd 2.2.21 compiled against OpenSSL 1.0.1 beta 1. The Java client refuses to connect to the server, complaining about unsupported type_15 extension. Network traffic capture shows the server responding to an uninteresting TLS 1.0 ClientHello

[openssl.org #2687] OpenSSL 1.0.1-beta1 sends certificate_verify in ServerHello and breaks Java 1.6.x clients, Firefox, and Chrome

2012-01-18 Thread Stephen Henson via RT

[ivan.ris...@gmail.com - Wed Jan 18 14:07:52 2012]: I am testing a Java 1.6.x SSL client against Apache httpd 2.2.21 compiled against OpenSSL 1.0.1 beta 1. The Java client refuses to connect to the server, complaining about unsupported type_15 extension. This is caused by a bug in the