I am not sure. I just need the ability to force the SSL client to avoid using SSLV2.
Regards, SZ On Fri, Jan 29, 2010 at 8:55 PM, Arno Garrels <arno.garr...@gmx.de> wrote: > Fastream Technologies wrote: > > Hello, > > > > In version ICS-SSLv6, this was working well with the same app code > > but in latest ICSv7, customers are unable to disable SSLv2 for PCI > > compliance (a security standard from VISA). Does anybody have any > > tested code for this? > > I found this issue and posted it to the OpenSSL mailing list in Oct. 2009, > with no reply, it's probably the same issue: > > "My client uses sslv23_method() with SSL_OP_NO_SSLv2 in > SSL_CTX_set_options. > Since I upgraded to v0.98k the handshake with one particular server fails > with error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake > failure. With OpenSSL v0.98i and earlier no problem at all." > > -- > Arno Garrels > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://lists.elists.org/cgi-bin/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
