Hello Wan-Teh and All, I am now getting curiously confused with the problem.
Another cipher I saw today which has similar issues. Tool using NSS fails to perform handshake with cipher SSL_RSA_WITH_DES_CBC_SHA. But Openssl is able to perform handshake with its cipher equivalant DES-CBC-SHA. I am doubtful if this cipher is also not supported by the NSS? If it is so then why this time it fails to handshake? NSS version the tool using is 3.12. > I don't know why the tool can get all the information using > a cipher that NSS doesn't support. NSS cannot request > the SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA cipher, > so a server cannot possibly select that cipher when > communicating with an NSS-based client. Is there any detail document available for SSL_ForceHandshake. > You'll need to use a tool such as NSS's ssltap > or wireshark to find out what exactly is going on in > the SSL handshake, or ask the tool's vendor. The tool just uses SSL_ForceHandshake function to perform handshake. What more details do you think we should get in order to explore the issue more? I do not know the details of what to look using Wireshark. I will give it a try and let you know if I have any doubts. > Wan-Teh Regards, Abhishek -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
