Hi On 30 April 2014 19:26, Phil Mayers <p.may...@imperial.ac.uk> wrote: > > https://twistedmatrix.com/documents/12.0.0/core/howto/ssl.html#auto2 > > ...seems to work fine for me on both Twisted 12.1.0 / pyOpenSSL 0.13.1 and > Twisted 13.2.0 / pyOpenSSL 0.14. I'm testing using: > > openssl s_client -connect host:port -reconnect > > ...and seeing: > > drop connection and then reconnect > CONNECTED(00000003) > --- > Reused, TLSv1/SSLv3, Cipher is AES256-GCM-SHA384 > > ^^^^^^ looks ok. > > What do you see if you use that openssl command to test?
... drop connection and then reconnect CONNECTED(00000003) 3074107592:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596: Same error mesage on the service side. However, someone pointed me to this: https://stackoverflow.com/questions/22378442/how-to-disable-session-resumption-in-pyopenssl Adding in: ctx.set_options(OP_NO_TICKET) Fixes the issue (well, the client no longer attemps to reuse the session). Since there is absolutely nothing performance sensitive about this, that is good enough for me. > Can you reduce it to a sscce with a fake self-signed cert? Might try tomorrow. -- - Henrik _______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com http://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
