Re: mod_ssl - client certificates broken after yum update of openssl

2014-06-17 Thread Viktor Dukhovni
On Tue, Jun 17, 2014 at 06:48:28PM -0700, Nelson wrote: > Perfectly working VM running Amazon Linux with Apache and mod_ssl > configured for client certificates. > > Ran yum update to get the latest openssl (OpenSSL 1.0.1h-fips 5 > Jun 2014)/mod_ssl(2.2.27 )/httpd(2.2.27) security updates from >

mod_ssl - client certificates broken after yum update of openssl

2014-06-17 Thread Nelson
Perfectly working VM running Amazon Linux with Apache and mod_ssl configured for client certificates. Ran yum update to get the latest openssl (OpenSSL 1.0.1h-fips 5 Jun 2014)/mod_ssl(2.2.27 )/httpd(2.2.27) security updates from Amazon's yum repository. Now the client certificate checks are fa

Re: openssl-0.9.8za violates RFC 6066 problem

2014-06-17 Thread Jeffrey Walton
On Tue, Jun 17, 2014 at 7:10 PM, Viktor Dukhovni wrote: > ... > >> Worse, this does NOT conform to RFC 6066: >> >> >>The ServerNameList MUST NOT contain more than one name of the same >>name_type. If the server understood the ClientHello extension but >>does not recognize the server n

Re: openssl-0.9.8za violates RFC 6066 problem

2014-06-17 Thread Viktor Dukhovni
On Mon, Jun 16, 2014 at 02:12:07PM -0700, Steve Bush wrote: > We have openssl installed with an apache server and we just > upgraded from openssl-0.9.8u to openssl-0.9.8za, however we suddenly > have large numbers of clients failing to connect. Both .NET and > Java 1.7 clients fail with the error

openssl-0.9.8za violates RFC 6066 problem

2014-06-17 Thread Steve Bush
We have openssl installed with an apache server and we just upgraded from openssl-0.9.8u to openssl-0.9.8za, however we suddenly have large numbers of clients failing to connect. Both .NET and Java 1.7 clients fail with the error "unrecognized_name". When delving into this further using Wireshar