Is there a way to specify the path of openssl 1.1.1 library in the system through configure script of ATS?
On Wed, Jul 15, 2020 at 8:39 PM Susan Hinrichs <[email protected]> wrote: > I think the version of openssl is it. A quick grep through the code it > appears that openssl 1.1.1 supports extended master secret but openssl > 1.0.2 does not. Interestingly you cannot turn off extended master secret > in 1.1.1. The SSL_OP_NO_EXTENDED_MASTER_SECRET option doesn't appear > until openssl 3. > > > On Wed, Jul 15, 2020 at 4:38 AM supraja sridhar < > [email protected]> wrote: > >> Hello, >> Yes, I am using ATS 7.1.1 with openssl 1.0.2 version. The client supports >> the extended master secret extension. Could the openssl version be an issue? >> >> On Tue, Jul 14, 2020 at 5:45 PM Susan Hinrichs <[email protected]> >> wrote: >> >>> Yes, I believe it should. ATS doesn't set SSL_OP_NO_EXTENDED_MASTER_SECRET, >>> and the default is for that feature to be enabled. >>> >>> Are you having problems with session reuse? Perhaps the client does not >>> support the Extended Master secret? >>> >>> Susan >>> >>> On Tue, Jul 14, 2020 at 1:26 AM supraja sridhar < >>> [email protected]> wrote: >>> >>>> Hello, >>>> >>>> Does ATS 7.x support session ticket reuse in the presence of Extended >>>> Master secret extension in the handshake ? >>>> >>>> Thanks >>>> Supraja >>>> >>> >> >> -- >> Regards, >> S.SUPRAJA >> MIT >> > -- Regards, S.SUPRAJA MIT
