RE: openssl-1.0.1-stable-SNAP-20110927

Thu, 29 Sep 2011 07:13:15 -0700 

I haven't tried your build process, but is the following still in 
ssl_lib.c::SSL_CTX_new()

        /* Disable TLS v1.2 by default for now */
        ret->options |= SSL_OP_NO_TLSv1_2;

Paul
_____________________________________________________________________________________________________
 
Paul A. Suhler, PhD | Firmware Engineer | Quantum Corporation | Office: 
949.856.7748 | paul.suh...@quantum.comĀ  
Preserving the World's Most Important Data. Yours.(tm) 

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Michael Haas
Sent: Thursday, September 29, 2011 1:40 AM
To: openssl-users@openssl.org
Subject: openssl-1.0.1-stable-SNAP-20110927

Hello,

i tried to enable TLS1.1 + TLS1.2 on Apache 2.2.21 with
openssl-1.0.1-stable-SNAP-20110927 but didn't succeed.
TLS 1.1 is working as excpected but TLS 1.2 not. I don't get a
connection with TLS1.2, tried IE9 and Opera.
Should TLS 1.2 work already with openssl 1.0.1 or is only the
implimentation of TLS 1.1 finished?

I get the following error in the apache log with
openssl s_client -tls1_2 -CAfile SSL_CA.pem -connect XXX.XXX.XXX.XXX:443
SSL Library Error: 336151598 error:1409442E:SSL
routines:SSL3_READ_BYTES:tlsv1 alert protocol version

Thanks in Advance
Michael
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

----------------------------------------------------------------------
The information contained in this transmission may be confidential. Any 
disclosure, copying, or further distribution of confidential information is not 
permitted unless such privilege is explicitly granted in writing by Quantum. 
Quantum reserves the right to have electronic communications, including email 
and attachments, sent across its networks filtered through anti virus and spam 
software programs and retain such messages in order to comply with applicable 
data security and retention requirements. Quantum is not responsible for the 
proper and complete transmission of the substance of this communication or for 
any delay in its receipt.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to