Hi
We are using stunnel 5.44. We are having an issue connecting with a customer who is not supporting TLS 1.1, only 1.2 and 1.3. When I look in the log, I see the following. Why do I see the SSLv3 note in the line? The below leads me to believe that we connect to the customer, but they say that we are not.
2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 read server certificate A 2018.06.25 11:37:24 LOG6[7]: Client certificate not requested 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 read server done A 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 write client key exchange A 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 write change cipher spec A 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 write finished A 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 flush data 2018.06.25 11:37:24 LOG7[7]: TLS state (connect): SSLv3 read finished A 2018.06.25 11:37:24 LOG7[7]: 1 client connect(s) requested 2018.06.25 11:37:24 LOG7[7]: 1 client connect(s) succeeded 2018.06.25 11:37:24 LOG7[7]: 0 client renegotiation(s) requested 2018.06.25 11:37:24 LOG7[7]: 0 session reuse(s) 2018.06.25 11:37:24 LOG6[7]: TLS connected: new session negotiated
Best regards,
Dan
Daniel Trickett Head of Database Services | MBS Business Technology BX-TCS-O Oracle ERP Business Services of Merck KGaA, Darmstadt, Germany
Planned Absence - 7/2/2018 - 7/6/2018
MilliporeSigma A business of Merck KGaA, Darmstadt, Germany
EMD Millipore Corporation | 80 Ashby Road | Bedford, MA 01730 | USA office 781-533-3017 |cell 978-761-3506 |email daniel.trickett@emdmillipore.commailto:daniel.trickett@emdmillipore.com
This message and any attachment are confidential and may be privileged or otherwise protected from disclosure. If you are not the intended recipient, you must not copy this message or attachment or disclose the contents to any other person. If you have received this transmission in error, please notify the sender immediately and delete the message and any attachment from your system. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not accept liability for any omissions or errors in this message which may arise as a result of E-Mail-transmission or for damages resulting from any unauthorized changes of the content of this message and any attachment thereto. Merck KGaA, Darmstadt, Germany and any of its subsidiaries do not guarantee that this message is free of viruses and does not accept liability for any damages caused by any virus transmitted therewith.
Click http://www.emdgroup.com/emd/imprint/mail_disclaimer.html to access the German, French, Spanish and Portuguese versions of this disclaimer.
Hi,
the SSLv3 doesn't mean nothing in the log.
Should represent the actual secure protocol version? True, but that doesn't mean it could be actually using TLSvXXX.
Regards.
-
Daniel Trickett -
Javier