* Florian Weimer: > * Edson Marquezani Filho: > >> We've found out that openssl shipped with CentOS 5 (old, I know) won't >> talk TLS by default. > > This depends on the application using OpenSSL. > >> So, once we cut off SSLv3, our Nagios scripts begin to fail, because >> they are not able to handshake with the monitored server. > > Which programs do your Nagios scripts use to probe your servers? > This is likely the place to look for solutions.
Another potential problem is that you may have disabled processing of SSL-2.0-compatible Client Hellos in the servers. This is different from full SSL 2.0 support (or SSL 3.0), and can lead to interoperability issues as well. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
