The best idea I can give you is to post an URL to the source of the app so someone working on the SSL code would be in a better position to help you, but that will of course only help debuggability, not you.

/ Johan Sundström (Achtung Liebe!)

Previous text:

2004-03-03 19:26: Subject: SSL in 7.5 is broken?

---

Hi,

Just attempted to run my test app (simple SSL server) on 7.5, but it doesn't work well:

aldem@asv:~> openssl s_client -connect 127.0.0.1:8443 -state -ssl3 CONNECTED(00000003) SSL_connect:before/connect initialization SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A depth=0 /C=DE/ST=Thueringen/L=Ilmenau/O=TU Ilmenau/OU=PMI/CN=demo server verify error:num=18:self signed certificate verify return:1 depth=0 /C=DE/ST=Thueringen/L=Ilmenau/O=TU Ilmenau/OU=PMI/CN=demo server verify error:num=10:certificate has expired notAfter=May 30 05:36:59 1996 GMT verify return:1 depth=0 /C=DE/ST=Thueringen/L=Ilmenau/O=TU Ilmenau/OU=PMI/CN=demo server notAfter=May 30 05:36:59 1996 GMT verify return:1 SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:failed in SSLv3 read finished A 30801:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:529:

So it breaks somewhere... Unfortunately, I wasn't following recent changes in SSL code (there are many) - so - is it just unsafe now or something which isn't normal?

In the app accept_callback is called - but nothing more happens (connection is closed silently, somewhere deep inside, even cb_close isn't called).

Any ideas? :) (Yes, is 7.4 same apps works perfectly :)

Regards, /Al

/ Brevbäraren