Hi, We are trying to use "openssl s_client" to test a server-authenticated (1-way SSL) connection.
The openssl s_client command is being run (on a Redhat machine) using the IP address of the SSL-enabled server, i.e., something like: openssl s_client -connect xx.xx.xx.xx:443 .... The problem we're having is that the connection is failing about 80% of the time. When it fails, we see the client Hello being sent, but then no server Hello and an "unknown protocol". Now, here's the strange thing... If we add an entry in the /etc/hosts with the IP address of the SSL server, and with ANY hostname (doesn't matter what it is), then the connection succeeds all the time. I was wondering if anyone be able to explain why the connection would not succeed SOME of the times if there isn't an entry in the client-side /etc/hosts file, but then would work all the time if there's an entry in /etc/hosts with the IP address of the SSL-enabled server (with ANY hostname in the /etc/hosts entry)? Thanks, Jim ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
