[stunnel-users] the connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues :(

Leandro Avila leandro.avila at ymail.com
Tue Apr 10 04:33:33 CEST 2012


Thomas,
 
The most likely cause for the different algorithms is the use of different libraries.
 
Stunnel uses OpenSSL
Mozilla uses NSS
Not sure what Google Chrome uses.
 
Each library implements different cipher suites. So each browser might select different ciphers to connect
to the same server.
 

-----------------
Leandro Avila


________________________________
From: Thomas Manson <dev.mansonthomas at gmail.com>
To: Michal Trojnara <Michal.Trojnara at mirt.net> 
Cc: stunnel-users at stunnel.org 
Sent: Friday, April 6, 2012 6:35 AM
Subject: Re: [stunnel-users] the connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues :(


Hi Mike,

 thanks for the explanation.

 So according to you, I should set anything to use the stunnel defaults?
what's very strange is that from another PC (a colleague) 

    * google chrome I don't see the same crypting technology (CAMELLIA_256_CBC, Firefox report the same) 
    * says the certificate can't be approved.(in another firefox too)
    * I've asked her to flush dns cache and retry

On my desktop compter I get the same crypting but no certificate error

On my laptop : I've the crypting I've reported in my first post. and the warning..;


Any idea why the crypting are different ? (chrome versions are different on minor versions, same version for Firefox)

Thomas.



On Fri, Apr 6, 2012 at 12:53, Michal Trojnara <Michal.Trojnara at mirt.net> wrote:

   ciphers = AES128-SHA

_______________________________________________
stunnel-users mailing list
stunnel-users at stunnel.org
http://stunnel.mirt.net/mailman/listinfo/stunnel-users



More information about the stunnel-users mailing list