On Fri, Jan 22, 2010, Michael Stone wrote: > Dear openssl-users@ and, in particular, Dr. Henson, > > First, apologies that I didn't realize I was writing to you in my > previous response to Fred. I'll check my To: lines more carefully in the > future. > > Second, thanks for your earlier assistance in diagnosing this > issue. Your suggestions have led me to some interesting data, which I > will now try to summarize for you. (Full data are attached.) >
[Analysis snipped] It all looks OK to that point exactly as I'd expect. > > 6. We receive a fatal unexpected_message alert: > > <<< TLS 1.0 Alert [length 0002], fatal unexpected_message > 02 0a > > 7. The end. > > ## Questions > > 1. Everything looks good until we get the unexpected_message > alert. Is there some reason why we should expect to see it? > That's the puzzler. Which version of Apache are you using? You should *NOT* include the renegotiation workaround patch to Apache as that would probably interfere with the secure renegotiation. I'll see if I can reproduce it here. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
