Hello, openssl.exe s_client -connect services.gmf.fr:443
exits with the message "missing export tmp rsa key" The server selects RSA_EXPORT_WITH_DES40_CBC_SHA and sends an 1024bit RSA key. If I increase the RSA key size limits like below: - #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) + #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 1024 : 1024) the handshake completes successfully. But according to [1] RSA_EXPORT_WITH_DES40_CBC_SHA requires a 512bit RSA key, not 1024. [1] https://bto.bluecoat.com/packetguide/appcelera-3.0.2/configure/ssl-cipher-details-popup.htm The website loads in Firefox because Firefox doesn't send this cipher in the ClientHello. My question is: is this a misconfigured server or is there something I can do to have openssl talk to that site ? Thanks, Bogdan
