Re: Any advice/recommendation for watching TLS version negotiation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On
> Behalf Of Ludwig, Mark
> 
> A customer claims to have configured the web (app) server to only allow
> TLS 1.2
> (by disallowing up through TLS 1.1), and says that the client code
> (which we
> know is based on OpenSSL 1.0.2j) is nevertheless connecting using TLS
> 1.1.  We
> are setting up a similar environment internally to diagnose what's
> happening,
> and I wonder if anyone has any advice on the "best" tool for "watching"
> the TLS
> version negotiation when the connection is being established.

I've typically used Wireshark for this type of thing.  If you are using RSA and have a copy of the server key, you can also examine the encrypted channel content.

-Steve Wall
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux