On 5/06/2012 7:05 p.m., alextouch wrote:
It is most likely that your clients browsers or SSL libraries are
missing AES-256 support or are getting stuck negotiating to use a
version of TLS/SSL which supports it.
Amos
Ok, but if I turn off proxy setting in clients and allow a direct connection
to the internet, all works well.
So I think there is something strange in my proxy machine/configuration that
denies some packets to flow correctly through it.
Client-side, if I leave proxy enabled and try to contact aes-256 sites, in
netstat I can see the connection in SYN_SENT state, so that I think that
somewhere some packets are dropped...
Just SYN_SENT? no TCP connection completed and CONNECT HTTP request
sent? (all that has to happen *before* the first octet of TLS starts)
Very strange.
Amos
