Kyle, Thanks for the reply. It was certificate issue. After I was able to line the correct certs with the correct key it started working as advertised.
Thank you, Eric Speake Web Systems Administrator O'Reilly Auto Parts (417) 862-2674 Ext. 1975 From: Kyle Hamilton <aerow...@gmail.com> To: openssl-users@openssl.org, espe...@oreillyauto.com Date: 09/18/2014 01:29 PM Subject: Re: TLS handshake failure i/o timeout This may sound basic, but have you verified that the firewall on the server is set up to allow communication from the client? I think Ubuntu's firewall rejects all traffic to ports that don't match what its installed and configured packages claim they run on, without external configuration. -Kyle H On September 18, 2014 6:02:16 AM PDT, espe...@oreillyauto.com wrote: I have an ubuntu 14.04 with openssl 1.0.1f-1ubuntu2.3 server running and a another server connecting as the client with ubuntu 12.04 with openssl 1.0.1-4ubuntu5.16. I am getting an error about the TLS handshake failing i/o timeout. I have tried using our internal wildcard certs on both servers since I already have that on my web server , aka - the client, and I generated a sif signed cert on the server and copied it to the client. Both produce the same results. On the server I took a tcpdump and then did an ssldup of that file and this is what I am seeing for every connection: 210 1 0.0012 (0.0012) C>S Handshake ClientHello Version 3.1 cipher suites TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA Unknown value 0xc011 Unknown value 0xc012 Unknown value 0xc013 Unknown value 0xc014 compression methods NULL I have looking through posts trying to find an answer with no luck yet. Any and all help is appreciated. Thanks, Eric Speake Web Systems Administrator O'Reilly Auto Parts (417) 862-2674 Ext. 1975 This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS � 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you. OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org -- Sent from my Android device with K-9 Mail. Please excuse my brevity.-- This message has been scanned for viruses and dangerous content, and is believed to be clean. Message id: 5AF0F60079E.A6C39This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.
