tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kobe <...@mailcity.com>
Subject Re: SSL connect to APR fails - "bad version"
Date Tue, 08 Nov 2011 22:11:56 GMT

many thanks again for your time and help.

Problem is: same openssl version working on another server
and successfuly setup SSLv3 connections with same client.
So I am thinking, there is misconfigure on this server. i would like
to find why this server respond with SSLv2 ClientHello instead of 
SSLv3 ClientHello.

how do i find this misconfigurn?

/Kobe


Marvin Addison wrote:
> 
> The following works as expected on my config (6.0.26) using the
> default protocols and cipher suite as in your config:
> 
> $ openssl s_client -connect eiger:443 -debug -ssl3
> CONNECTED(00000003)
> ...
> 
> Something in your SSL version jumped out at me:
> 
> OpenSSL 0.9.8e-fips-rhel5
> 
> Looks like you're running OpenSSL with the FIPS compliance features
> enabled, which may impose additional requirements on SSL negotiation.
> I can't provide any further insight, but hopefully it might point to
> an area for further investigation.
> 
> M
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/SSL-connect-to-APR-fails---%22bad-version%22-tp32788669p32805994.html
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message