The new OpenSSL 1.0.2b and 1.0.1n versions lasted one day, and were replaced  
1.0.2c and 1.0.1o to fix a bug, which may be downloaded from:

They can be used with ICS V8 releases later than 25th March 2015 that relax the
check for minor versions of OpenSSL, to avoid rebuilding projects.

Note that one of the security fixes increases the minimum SSL server DH Param 
length to 768 bits, which means use of the 512 bit key which is currently the
default in ICS will give this error:  

SSL Handshake Failed - error:14082174:SSL 
key too small

If you use a DH Param key file, to enable DH or ECDH key exchange, you will 
need use
the 1024 bit or larger keys files.  

This only effects SSL servers, not SSL clients.

My pending list still has ICS SSL improvements to support embedding SSL files 
in the
application, and support for multiple DH Param key sizes, hopefully to be done 
late July.


To unsubscribe or change your settings for TWSocket mailing list
please goto
Visit our website at

Reply via email to