Ok. But I feel that the server should ignore the ciphers which it
doesn't understand instead of rejecting the connections. Because, you
can't expect the server to understand all the ciphers that the browser
has. Moreover, the SSL communication will succeed only when both the
parties agree upon a common cipher.
Robert Relyea wrote:
Nelson B
Bolyard wrote:
Suresh Kumar J wrote, On 2008-09-02 10:55:
Hi Nelson,
You are correct that Apache Tomcat web-server(v6.0.13) choked with the
full set of cipher suites implemented in the Windows FF3.0.1. When I
disable the following cipher suites via the "about:config" option, the
web communication started working and the server didn't complain
anything.
security.ssl3.dhe_dss_camellia_128_sha
security.ssl3.dhe_dss_camellia_256_sha
security.ssl3.dhe_rsa_camellia_128_sha
security.ssl3.dhe_rsa_camellia_256_sha
security.ssl3.rsa_camellia_128_sha
security.ssl3.rsa_camellia_256_sha
Thanks for pointing me to the right direction.
The reason this worked on your RH browser is the RH version does not
support camellia. I wonder why apache choked, it boggles the mind that
apache would actually reject connections with unrecognized ciphers
rather than ignore them. I wonder if it's trying to connect using them
but fails for some reason...
bob
bob
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
|
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
