> Does anyone know why this URL won't open/load:
> https://www.dietarysupplements.club/
>
> I get this (I'm not sure what it means):
> SslHandshakeErrCode> 1080 (0 if no error)
> SslHandshakeRespMsg> error:14077438:SSL
> routines:SSL23_GET_SERVER_HELLO:tlsv1
> alert internal error
That URL
> Or maybe you have not supplied a DHParams file
Sorry, brain fade, you only need a DHParams file for servers to support DH, and
ECDH
protocols, not clients.
Angus
--
To unsubscribe or change your settings for TWSocket mailing list
please goto
>
> Again the HTTPS sample works fine, make sure you have set SslECDHMethod to
> sslECDHAuto.
Yep. That was it! Thanks again.
One more question... I can leave it always set to auto, right? This should
make the component connect successfully to more servers rather than less,
correct?
Thanks,
Angus,
Here's another issue... I can't open this URL either (with v8.18):
https://cert-test.sandbox.google.com
I get:
SslHandshakeErrCode> 1049 (0 if no error)
SslHandshakeRespMsg> error:14077419:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1
alert access denied
Should I be concerned?
More info:
> I can leave it always set to auto, right
Yes, Auto is fine for clients, EC is only used if the server cipher suite
requests
it and is otherwise ignored.
Auto only actually works with OpenSSL 1.0.2 and later, otherwise falls back to
sslECDH_P256, but the rule now seems to be use the
> Here's another issue... I can't open this URL either (with v8.18):
> https://cert-test.sandbox.google.com
Again the HTTPS sample works fine, make sure you have set SslECDHMethod to
sslECDHAuto.
Angus
--
To unsubscribe or change your settings for TWSocket mailing list
please goto
> I'll try upgrading to 8.18 and report back.
Yeah! Upgrading to 8.18 seems to have fixed it. Pretty sure I was using 8.16
before.
Thanks,
Albert
--
To unsubscribe or change your settings for TWSocket mailing list
please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket
Visit our
> I would assume "Elliptic Curves encryption" is enabled by default.
No, but since sites now seem to be defaulting to using EC I'll change the
default
for SslECDHMethod to sslECDHAuto.
I also need to improve EC to handle other curves, but that is a little harder.
> Yeah! Upgrading to 8.18