> On Jul 22, 2016, at 11:23 PM, Steve Malenfant <[email protected]> wrote: > > So there is absolutely no way I can connect a Centos 5 client to ATS/https?
I don’t know why this wouldn’t work, but it can be difficult to debug what is hindering the negotiation. I’d start attacking this by taking a packet trace of a working TLS session to see what is negotiating successfully. That will give you a target for what you have to do on the ATS side. > > > All my tests were on internal networks in the lab. This would eventually > needs to connect on external networks (on ACLs), but this is simply trying to > run a proof of concept. > > Thanks, > > > On Fri, Jul 22, 2016 at 9:16 AM, Reindl Harald <[email protected]> wrote: > > > Am 22.07.2016 um 15:02 schrieb Steve Malenfant: > I'm trying to connect and older proprietary system running on Centos 5.8 > to an internal CDN running ATS 5.3.2 via https. Somehow I can connect to > a bunch of different sites, but not to ATS. > > I don't know much about SSL, but I can't get pass initial handshake > which is saying there is "no shared ciphers" > > i fear the TLS support in CentOS 5 is a dead road these days > CentOS6 has acceptable backports - but CentOS5 - no > > why does the CentOS5 sit outside and connect via TLS to internal machines > running ATS? normally you are doing things the other way - having internal > nodes without TLS and use ATS for SSL offloading so that oldm oputdated stuff > is not exposed to the internet > >
