Hello all, Netscape browsers fail on our site if the DHE-RSA-AES128-SHA cipher is enabled on the browser. I have tried to use the "openssl ciphers" command on the web server to push this cipher to the end of the list, without any luck.
Am I attacking the problem correctly, or am I way off base? What really confuses me is our test server has the exact same version of openssl and works fine with Netscape. I ran ethereal packet sniffer and the problem seems to be in the SSLv3 conversation: After a "Client Key Exchange, Change Cipher Spec", there is an SSLv3 protocol message "Alert (Level: Fatal. Description: Unexpected Message)". The browser then shows an Alert box with "The document contains no data". RedHat 9 Sun Java j2sdk1.4.2_02 jakarta-tomcat-4.1.29 OpenSSL 0.9.7a Thanks, Jim O. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
