Fastream Technologies wrote: > Hello, > > In version ICS-SSLv6, this was working well with the same app code > but in latest ICSv7, customers are unable to disable SSLv2 for PCI > compliance (a security standard from VISA). Does anybody have any > tested code for this?
I found this issue and posted it to the OpenSSL mailing list in Oct. 2009, with no reply, it's probably the same issue: "My client uses sslv23_method() with SSL_OP_NO_SSLv2 in SSL_CTX_set_options. Since I upgraded to v0.98k the handshake with one particular server fails with error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure. With OpenSSL v0.98i and earlier no problem at all." -- Arno Garrels -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be