Re: Implementing an SSL server on Snow Leopard
Re: Implementing an SSL server on Snow Leopard
- Subject: Re: Implementing an SSL server on Snow Leopard
- From: Mitchell Laurren-Ring <email@hidden>
- Date: Fri, 31 Oct 2014 10:16:24 -0700
On Oct 31, 2014, at 10:01 AM, Quinn The Eskimo! <email@hidden> wrote:
>
> On 31 Oct 2014, at 16:58, Mitchell Laurren-Ring <email@hidden> wrote:
>
>> Calling SSLSetProtocolVersionEnabled with kTLSProtocol1Only gives me an -50 error. kSSLProtocolAll gives me error 0.
>
> No, I mean try forcing TLS 1.0 on the /client/. IIRC the server side of Secure Transport has problems negotiating down from TLS 1.2 to TLS 1.0.
>
> One option here is to use the OS X built-in version of <x-man-page://1/s_client>, which uses an old version of OpenSSL that doesn't support TLS 1.2.
Very good. If I don’t specify the protocol with s_client, I get the same SSL-session info as when I use -tls1. I’m able to send from s_client, receive in my server code, respond from server code and receive that response in s_client.
So, given that my clients are web browsers, what are my options?
>
>> FYI, I’m using the OS X 10.6 SDK because I’m stuck in Xcode 3.2.6.
>
>
> Why are you stuck on Xcode 3.2.6?
>
The answer to that question is very complex but suffice to say that I have been working for several years to move our code forward to the current toolset. Unfortunately, I have not reached that goal yet due to a variety of issues over which I have no control (management, QA, etc).
/Mick
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden