Re: OpenSSL connection timeout

To: Ryo ONODERA <ryo_on%yk.rim.or.jp@localhost>
Subject: Re: OpenSSL connection timeout
From: Matthias Drochner <M.Drochner%fz-juelich.de@localhost>
Date: Fri, 29 Jul 2011 19:47:33 +0200

ryo_on%yk.rim.or.jp@localhost said:
> Using NetBSD/i386 5.99.55, I cannot connect to following servers with
> OpenSSL 1.0.1-stable 05 Jun 2011.

I'm not a big expert in SSL/TLS things, but since noone else
did answer so far:
current OpenSSL seems to try TLS1.2 initially. It seems that
there are servers which just hang after such a connection
attempt instead of engaging in negotiation.

> % openssl s_client -connect www.netbk.co.jp:443 -ssl3
> works well.

tls1 too. tls1_1 fails immediately. tls1_2 hangs.

So either our openssl to too new for this world, or these
servers are too old/buggy...

best regards
Matthias



------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzender des Aufsichtsrats: MinDirig Dr. Karl Eugen Huthmacher
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------

Follow-Ups:
- Re: OpenSSL connection timeout
  - From: Matthias Scheler

References:
- OpenSSL connection timeout
  - From: Ryo ONODERA

Prev by Date: Re: ACPI woes on Compaq laptop
Next by Date: XEN3_DOM0 5.99.55 on grinds to a halt shortly after boot (repeatedly)
Previous by Thread: OpenSSL connection timeout
Next by Thread: Re: OpenSSL connection timeout
Indexes:

Home | Main Index | Thread Index | Old Index