Hi Thank for the inputs. Disabling TLS removes the problem.
Apart from that i tried following With the default configuration set and page accessed through Netscape 7.2 the web page is not accessible and when refreshed the page is accessible. Every time the browser is closed and reopened the same behaviour is noticed. The first time the Netscape sends version 3.1 and the next time on refresh it tries with version 3.0 and which works. Netscape is storing this information that this web server does not work with 3.1 and hence uses lower protocol version in next requests. In case of Firefox 1.5, the browser retries the web page with version 3.0 automatically when it is not accessible the first time with 3.1 version. Only difference with Firefox and Netscape is that Firefox retries on it's own whereas in Netscape user needs to refresh the page. It seems Netscape doesn't handled this problem and required use to do refresh. Firefox discovers this on runtime and retries connection with SSL 3.0 (when SSL handshake with SSL3.1 fails with harryandavid site). I remember the SSL stack of Netscape and Firefox are OpenSSL variants. Does this mean the same has been fixed in their stacks or is it handled by the application itself?. Any pointers will be of great help. thanks a lot for going thru my long mail. thanks and regards -Krishna On 1/10/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > On Tue, Jan 10, 2006, Krishna M Singh wrote: > > > > > Also when we use SSLv2 only this works fine.. Only with SSLv23 the > > handshake fails. Any ideas or pointers how to proceed further wud be of > > great help.. > > > > Seems it doesn't support TLS and messes up SSLv3 when the client indicates it > supports TLS. > > Disabling TLS works though: the -no_tls1 option in s_client does that. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
