Like the bug says: openssl s_client -connect soap.example.org:443 fails because "Secure Renegotiation IS NOT supported" but I can connect with : openssl s_client -tls1 -connect soap.example.org:443
Unfortunately, this doesn't help me at all. I have a PHP script using SoapClient, and although I found several suggestions for forcing tls1 when using SoapClient, none of them work. Seems to me that what is really needed is some way to force the use of a specific protocol per server, rather than relying on renegotiation, which can obviously be disabled. Sure, you might argue that server itself is the problem ( I don't necessarily disagree) but in the real world, we have to have some way of working around it....which currently, I don't. It would be awesome if, in openssl.cnf we could say something like: [connection_opts] server=soap.example.org protocol=tls1 Of course, I'd be happy if PHP had a way to do this within SoapClient....but something like that in openssl would fix this issue for everyone. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/965371 Title: HTTPS requests fail on sites which immediately close the connection if TLS 1.1 negotiation is attempted, on Ubuntu 12.04 To manage notifications about this bug go to: https://bugs.launchpad.net/openssl/+bug/965371/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
