Ok,
but the same browser accross different machine will not do the same.
Still strange to me.
(same behavior with stunnel 4.53 and 4.35, so as you said, it seems a client related behavior)
Regards, Thomas.
On Tue, Apr 10, 2012 at 04:33, Leandro Avila leandro.avila@ymail.comwrote:
Thomas,
The most likely cause for the different algorithms is the use of different libraries.
Stunnel uses OpenSSL Mozilla uses NSS Not sure what Google Chrome uses.
Each library implements different cipher suites. So each browser might select different ciphers to connect to the same server.
Leandro Avila
From: Thomas Manson dev.mansonthomas@gmail.com To: Michal Trojnara Michal.Trojnara@mirt.net Cc: stunnel-users@stunnel.org Sent: Friday, April 6, 2012 6:35 AM Subject: Re: [stunnel-users] the connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues :(
Hi Mike,
thanks for the explanation.
So according to you, I should set anything to use the stunnel defaults? what's very strange is that from another PC (a colleague)
* google chrome I don't see the same crypting technology(CAMELLIA_256_CBC, Firefox report the same) * says the certificate can't be approved.(in another firefox too) * I've asked her to flush dns cache and retry
On my desktop compter I get the same crypting but no certificate error
On my laptop : I've the crypting I've reported in my first post. and the warning..;
Any idea why the crypting are different ? (chrome versions are different on minor versions, same version for Firefox)
Thomas.
On Fri, Apr 6, 2012 at 12:53, Michal Trojnara Michal.Trojnara@mirt.net wrote:
ciphers = AES128-SHA
stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users _______________________________________________ stunnel-users mailing list stunnel-users@stunnel.org http://stunnel.mirt.net/mailman/listinfo/stunnel-users