On 03/08/2012 11:05 PM, David Holmes wrote:
I'm trying to use openssl 1.0.1beta1 s_server with gnutls 2.4.1 (gnutls-cli).
s_server is complaining of an unknown extension (see debug output below).
Isn't it the client after the serverhello response?
you might want to add -debug and -msg to see the s_server response
to what s_server responds and why the client aborts.
regarding my earlier hasty message today:
the illegal hostname 17.0.0.1 is not a problem in s_server.
(I still haven't passed all "ent" certification) :-)
Openssl 0.9.8h works just fine though.
Is this a known issue?
./openssl s_server -key src/data/server.key -cert src/data/server.crt
-tlsextdebug
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
TLS client extension "unknown" (id=9), len=3
0000 - 02 00 01 ...
TLS client extension "server name" (id=0), len=14
0000 - 00 0c 00 00 09 31 32 37-2e 30 2e 30 2e 31 .....127.0.0.1
ERROR
4150167176:error:14094456:SSL routines:SSL3_READ_BYTES:tlsv1 unsupported
extension:s3_pkt.c:1240:SSL alert number 110
shutting down SSL
CONNECTION CLOSED
ACCEPT
David Holmes | Technical Marketing Manager - Security
F5 Networks
P 206.272.5555
F 206.272.5556
www.f5.com
D 206.272.6740
Follow @dholmesf5
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
