Re: OpenSSL0.9.7b communication problem with IE6.0

Wed, 11 Jun 2003 10:03:55 -0700

Thank you!!
Your suggestion is correct.
I could solve this problem.

IE6.0 displayed following page with 3DES cipher-suite.

//Mas
--
s_server -cipher ALL:!RC4:@STRENGTH -www -bugs
Ciphers supported in s_server binary
TLSv1/SSLv3:EDH-RSA-DES-CBC3-SHA     TLSv1/SSLv3:EDH-DSS-DES-CBC3-SHA    
TLSv1/SSLv3:DES-CBC3-SHA             TLSv1/SSLv3:ADH-DES-CBC3-SHA        
SSLv2      :DES-CBC3-MD5             TLSv1/SSLv3:IDEA-CBC-SHA            
SSLv2      :IDEA-CBC-MD5             SSLv2      :RC2-CBC-MD5             
TLSv1/SSLv3:EXP1024-DHE-DSS-DES-CBC-SHATLSv1/SSLv3:EXP1024-DES-CBC-SHA     
TLSv1/SSLv3:EXP1024-RC2-CBC-MD5      TLSv1/SSLv3:EDH-RSA-DES-CBC-SHA     
TLSv1/SSLv3:EDH-DSS-DES-CBC-SHA      TLSv1/SSLv3:DES-CBC-SHA             
TLSv1/SSLv3:ADH-DES-CBC-SHA          SSLv2      :DES-CBC-MD5             
TLSv1/SSLv3:EXP-EDH-RSA-DES-CBC-SHA  TLSv1/SSLv3:EXP-EDH-DSS-DES-CBC-SHA 
TLSv1/SSLv3:EXP-DES-CBC-SHA          TLSv1/SSLv3:EXP-RC2-CBC-MD5         
TLSv1/SSLv3:EXP-ADH-DES-CBC-SHA      SSLv2      :EXP-RC2-CBC-MD5         
---
Ciphers common between both SSL end points:
RC4-MD5                    RC4-SHA                    DES-CBC3-SHA             
DES-CBC-SHA                EXP1024-RC4-SHA            EXP1024-DES-CBC-SHA      
EXP-RC4-MD5                EXP-RC2-CBC-MD5            EDH-DSS-DES-CBC3-SHA     
EDH-DSS-DES-CBC-SHA        EXP1024-DHE-DSS-DES-CBC-SHA
---
Reused, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DES-CBC3-SHA
    Session-ID: B88904D6C58F7B5C693C615ECF9C47194DC77C0A0437DE4E4C6B8FEF9C51287B
    Session-ID-ctx: 01000000
    Master-Key: BB91D5307E863039474A19488866754C8CE7E7F240B11ED9BD1B0F2ABE7BAC109FFE438E433B547E134A01E447658B80
    Key-Arg   : None
    Start Time: 1055350244
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)


[EMAIL PROTECTED] wrote:
 
On Wed, Jun 11, 2003 at 11:53:04PM +0900, [EMAIL PROTECTED] wrote:

I run SSL test server of OpenSSL0.9.7b by following command

openssl s_server -www -cipher "ALL:!RC4:@STRENGH"

I tried to browse this server by IE6.0.
However IE6.0 shows error "cannot display page ".

I capture packets of this commucation.
ServerHello was completed with selected cipher-suite of TLS_RSA_WITH_3DES_EDE_CBC_SHA.
So I guess the case of 3DES cipher-suite cause something wrong.

Netscape7.02. goes well in the case of 3DES cipher-suite.

Does anyone know something on this issue.


Could you please retry with the "-bugs" option to s_server?
It enables workarounds for well known bugs of other SSL implementations.

Best regards,
    Lutz

Reply via email to