Chris,
On 11.10.2013 18:02, Christopher Schultz wrote:
Also, a bit of a brainstorming now: could this whole thing be IP
protocol issue? I've seen similar behavior before, albeit not in
context of SSL handshake: client tries to connect using IPv6
address, but firewall doesn't allow it, so client
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
On 10/10/13 9:46 PM, Chirag Dewan wrote:
> Hi All,
>
> Thanks a lot for your assistance. I enabled these protocols but
> that dint help.
>
> Finally after 24 hours of digging in I figured out the problem.
>
> We found out that the clients
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ognjen,
On 10/10/13 5:23 PM, Ognjen Blagojevic wrote:
> Chris,
>
> On 10.10.2013 19:11, Christopher Schultz wrote:
>> Also, Chirag has the connector supporting only "TLS", so SSLv2
>> HELLO should indeally fail entirely.
>
> Setting attribute sslP
Hi All,
Thanks a lot for your assistance. I enabled these protocols but that dint help.
Finally after 24 hours of digging in I figured out the problem.
We found out that the clients connection timeout was close to around
80mins(which is inexplicable) and there is a firewall in between the clien
Chris,
On 10.10.2013 19:11, Christopher Schultz wrote:
Also, Chirag has the connector supporting only "TLS", so SSLv2 HELLO
should indeally fail entirely.
Setting attribute sslProtocol="TLS" may actually enable all protocols
from SSLv3 to TLSv1.2, plus SSLv2Hello. Even setting something like
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Ognjen,
On 10/10/13 4:11 AM, Ognjen Blagojevic wrote:
> On 10.10.2013 6:19, Chirag Dewan wrote:
>> A small update. The customers client is C++ client,which uses
>> OpenSSL. And I found that client hello message is SSLv2 protocol.
>> And the server r
Chirag,
On 10.10.2013 6:19, Chirag Dewan wrote:
A small update. The customers client is C++ client,which uses OpenSSL. And I
found that client hello message is SSLv2 protocol. And the server
response(server hello) is a TLSv1 protocol. Is there something I am missing?
There is a difference in
Hi ,
A small update. The customers client is C++ client,which uses OpenSSL. And I
found that client hello message is SSLv2 protocol. And the server
response(server hello) is a TLSv1 protocol. Is there something I am missing?
Chirag
On Wednesday, 9 October 2013 9:25 PM, Chirag Dewan
wrote:
Chris,
This is a legacy code and do need some tweaks for sure.
Regarding the issue,for some other Cipher as well the handshaking is failing. I
get a TCP_ZERO_WINDOW in my snoops. And thus resulting in Server sending a RST
to client.
Chirag
Sent from Yahoo! Mail on Android
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
I have a bunch of non-SSL-related questions about your code.
On 10/9/13 9:59 AM, Chirag Dewan wrote:
> I have a wrapper connector class :
>
> public HTTPConnector(int port, String keystoreFile, String
> password, int maxKeepAliveRequests,
Hi,
I have a wrapper connector class :
public HTTPConnector(int port, String keystoreFile, String password, int
maxKeepAliveRequests, int maxThreads, int connectionTimeout, Logger logger)
throws Exception
{
myLogger = logger;
this.keyStoreFile = keystoreFile;
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
On 10/9/13 8:39 AM, Chirag Dewan wrote:
> The first request after the Server is started gets rejected.
Interesting.
> I am setting my connector as follows:
>
> IntrospectionUtils.setProperty( this, "sslProtocol", "TLS" );
> Introspection
Hi,
The first request after the Server is started gets rejected. I am setting my
connector as follows:
IntrospectionUtils.setProperty( this, "sslProtocol", "TLS" );
IntrospectionUtils.setProperty( this, "keystore",
keyStoreFile );
IntrospectionUtils.setPr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
On 10/8/13 9:48 PM, Chirag Dewan wrote:
> For this particular cipher, the server sends a RST to the client
> after the certificate exchange is done. And the handshaking
> fails,for the first time only. Second request onwards handshaking
> h
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
On 10/8/13 9:48 PM, Chirag Dewan wrote:
> For this particular cipher, the server sends a RST to the client
> after the certificate exchange is done. And the handshaking
> fails,for the first time only. Second request onwards handshaking
> h
Hi Chris,
Thanks for the code,it helped a lot.
Now,using that code on my server machine I found out that
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA is not even in the defaults ciphers for
jdk1.6.0_39. Isn't this a strange behaviour? Server can only select available
ciphers,I suppose.
Thanks
Chirag
Hi,
For this particular cipher, the server sends a RST to the client after the
certificate exchange is done. And the handshaking fails,for the first time
only. Second request onwards handshaking happens and the traffic flows as usual.
What I understand is,I can provide a set of ciphers to the c
Chris,
On 8.10.2013 17:40, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Can anyone assist me in understanding why it is failing for the
first time? And is there any way I can force the Tomcat not to
select this cipher suite? Or any other way that I can resolve this
issue.
See
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chirag,
On 10/8/13 6:01 AM, Chirag Dewan wrote:
> I am using Embedded Tomcat 6.0.37. I have a servlet which is
> running over HTTPS using SSL Connector. I have a Java Keystore with
> Customer Certificate imported in it.
>
> Now,there is a HTTP Clie
Chirag Dewan wrote:
Hi All,
I am using Embedded Tomcat 6.0.37. I have a servlet which is running over HTTPS
using SSL Connector. I have a Java Keystore with Customer Certificate imported
in it.
I cannot answer your question, but I think that in order to be helped faster, it would be
a good
20 matches
Mail list logo
