On Thu, Dec 02, 2004 at 09:36:57PM -0800, Andrew Kraslavsky wrote: > My revised question is, do you have any idea why the server bothers to put > the Server Hello and Certificate records into the response only to follow > them with a fatal error? Is this the expected behavior?
I don't know -- I'll leave these questsions to those more knowledgeable about the protocols. It is, though, safe to ignore the Nessus plugin result at this point -- your server closes the connection before it ever receives the corrupt cert, presumably because it doesn't like the cipher suite the plugin sends. If it turns out your server's behaviour is within spec, I'll work to update the plugin. George -- [EMAIL PROTECTED]
pgpwdQiKBzMTb.pgp
Description: PGP signature
