در تاریخ سهشنبه ۲۴ مارس ۲۰۲۰، ۵:۲۰ Viktor Dukhovni <
openssl-us...@dukhovni.org> نوشت:
> On Mon, Mar 23, 2020 at 05:27:55PM -0700, Benjamin Kaduk via openssl-users
> wrote:
>
> > > I *think* possibly also the precise nature of that client cert
> > > matters; a testcase I set up away from my prod
On Mon, Mar 23, 2020 at 05:27:55PM -0700, Benjamin Kaduk via openssl-users
wrote:
> > I *think* possibly also the precise nature of that client cert
> > matters; a testcase I set up away from my production
> > system failed to induce the error. The client cert
> > is loaded using SSL_CTX_use_cer
On Mon, Mar 23, 2020 at 11:46:43PM +, Jeremy Harris wrote:
> OpenSSL 1.1.1 on Centos 8
> Ticket-based resumption
I'm testing posttls-finger with OpenSSL 1.1.1 on FreeBSD.
>
> I'm getting a repeatable error from a client call to SSL_connect()
> of "14228044:SSL routines:construct_ca_names:i
On Mon, Mar 23, 2020 at 11:46:43PM +, Jeremy Harris wrote:
> OpenSSL 1.1.1 on Centos 8
> Ticket-based resumption
>
>
> I'm getting a repeatable error from a client call to SSL_connect()
> of "14228044:SSL routines:construct_ca_names:internal error".
>
> Packet capture shows an Alert being s
OpenSSL 1.1.1 on Centos 8
Ticket-based resumption
I'm getting a repeatable error from a client call to SSL_connect()
of "14228044:SSL routines:construct_ca_names:internal error".
Packet capture shows an Alert being sent by the client before
anything is received from the server.
The error only
> Is it possible the browsers are trying to send early data?
I doubt it, I was not reporting the error, trying to report errors
before they disappear with clean-up code is an art, and does not always
work, so mostly I now see:
error::lib(0):func(0):reason(0), State: TLSv1.3 early data,
Is it possible the browsers are trying to send early data?
Changing the subject to be more relevant to my questions. Just wanted to ping
the list again.
From: openssl-users on behalf of Jason
Schultz
Sent: Friday, March 20, 2020 3:21 PM
To: openssl-users@openssl.org
Subject: Re: OpenSSL server sending certificate cha
On 23/03/2020 12:06, Angus Robertson - Magenta Systems Ltd wrote:
>>> My public web servers shows several handshake failures daily
>>> due to 'TLSv1.3 early data', sometimes after a previous
>>> successful TLSv1.3 connection, but not always.
>>
>> Do you have specific error messages?
>
> I se
> > My public web servers shows several handshake failures daily
> > due to 'TLSv1.3 early data', sometimes after a previous
> > successful TLSv1.3 connection, but not always.
>
> Do you have specific error messages?
I seem to only report the state rather than an error once the socket is
closed
On 23/03/2020 11:09, Angus Robertson - Magenta Systems Ltd wrote:
> My public web servers shows several handshake failures daily due to
> 'TLSv1.3 early data', sometimes after a previous successful TLSv1.3
> connection, but not always.
Do you have specific error messages?
>
> I'm not curren
Hey! I want to use stream filter witn CMS_sign. I have a problem: my program
doesn't produce cms signed data. Attaching my code and output data below.
The code that follows is a fragment from my original program.
void SignInit(CryptPacket &packet) //use once for initialization
{
if (m_c
My public web servers shows several handshake failures daily due to
'TLSv1.3 early data', sometimes after a previous successful TLSv1.3
connection, but not always.
I'm not currently attempting to handle any early data, I thought it was
disabled by default.
Is there something I should be doing
13 matches
Mail list logo