Re: [twsocket] Should I be concerned about https://cert-test.sandbox.google.com?
> Yes, Auto is fine for clients, EC is only used if the server cipher suite > requests it and is otherwise ignored. > > Auto only actually works with OpenSSL 1.0.2 and later, otherwise falls back > to > sslECDH_P256, but the rule now seems to be use the absolute latest OpenSSL > for all > the latest security fixes and we don't test with old stuff. Angus, Great! Thanks for the info... and I appreciate your support and help with ICS. Albert -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Should I be concerned about https://cert-test.sandbox.google.com?
> I can leave it always set to auto, right Yes, Auto is fine for clients, EC is only used if the server cipher suite requests it and is otherwise ignored. Auto only actually works with OpenSSL 1.0.2 and later, otherwise falls back to sslECDH_P256, but the rule now seems to be use the absolute latest OpenSSL for all the latest security fixes and we don't test with old stuff. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Should I be concerned about https://cert-test.sandbox.google.com?
> > Again the HTTPS sample works fine, make sure you have set SslECDHMethod to > sslECDHAuto. Yep. That was it! Thanks again. One more question... I can leave it always set to auto, right? This should make the component connect successfully to more servers rather than less, correct? Thanks, Albert Wiersch AI Internet Solutions LLC supp...@htmlvalidator.com https://www.htmlvalidator.com/ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
Re: [twsocket] Should I be concerned about https://cert-test.sandbox.google.com?
> Here's another issue... I can't open this URL either (with v8.18): > https://cert-test.sandbox.google.com Again the HTTPS sample works fine, make sure you have set SslECDHMethod to sslECDHAuto. Angus -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
[twsocket] Should I be concerned about https://cert-test.sandbox.google.com?
Angus, Here's another issue... I can't open this URL either (with v8.18): https://cert-test.sandbox.google.com I get: SslHandshakeErrCode> 1049 (0 if no error) SslHandshakeRespMsg> error:14077419:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert access denied Should I be concerned? More info: http://www.tomshardware.com/news/google-tls-standards-ssl3-rc4,30114.html Thanks, Albert Wiersch AI Internet Solutions LLC supp...@htmlvalidator.com https://www.htmlvalidator.com/ -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be