On Tue, 26 May 1998, Endre Papajcsik wrote:
> I am using SSLeay 0.9.0 on Linux-elf and there seems to be a problem with
> s_server (or is it really IE4.0 and IE4.01). I execute the s_server program
> as follows:
...
> When I do the same thing using an IE 4.0 or IE 4.01 browser, and the user
is
> presented with a list box containing the appropriate client certificates to
> use, s_server drops the SSL session with the following output:
...
> If the user then selects a client cert the browser will establish a new SSL
> session and complete the handshaking successfully.
>
> Why does s_server drop the SSL session? Is IE4.0 sending a NULL packet that
> is not understood by the handshake function? If so do you have any idea why?
> Are there any special options/functions that need to be used/called for the
> handshake with IE4.0 that are not present in s_server?
Because IE4.0 closes the socket and forms a new connection ;-). IE4.0
could be called brain damaged, but to me it appears that all parameters must
be configured before the SSL handshake is started. If a client cert is to be
returned, IE4.0 has to 're-configure' the SSL engine and restart. Call it an
internal MS SSL API problem :-).
> My main problem is that I have a Java application that will be connecting to
> an SSL server, unlike the above example which is simply a URL entered into
> the address edit control of the browser. When our Java applet connects
> through IE4.0 and s_server drops the session at the time when the user is
> ment to select an appropriate client cert (as described before) the Java
> applet send function returns immediately with an error state.
There is nothing you can do since this is they way IE operates, and has done
for quite some time.
eric
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
