Pavel Rochnyak
Pavel Rochnyak
Possible explanation of the cause: https://mta.openssl.org/pipermail/openssl-users/2017-February/005300.html And there is a possible solution: >Thanks. I have added more ciphers using SSL_set_cipher_list(3) and all is fine now.
Can you please try `-cipher` option of `s_client`?
Ok, I will try to compile 1.1.x and play/reproduce the case.
``` root@hs01:/opt/openssl# ./openssl version OpenSSL 1.1.1-pre8 (beta) 20 Jun 2018 root@hs01:/opt/openssl# ./openssl s_client -connect router:8729 -tls1_2 CONNECTED(00000003) depth=0 C = RU, ST = Tomsk, L = Tomsk, O = Router,...
Also no problems to use `-tls1` and `-tls1_1`. Should I check 1.1.0 ?
I think certificate requirement should be mandatory, otherwise "SSL" will be insecure because of possible MITM. ) Ok, will try to check this case too.
yes, w/o certificate it complains with `SSL alert number 40` ``` 3072784704:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:ssl/record/rec_layer_s3.c:1557:SSL alert number 40 ```
Also, when no cert is configured then same complain `SSL alert number 40` on version `1.0.1t` (Debian).
>@rpv-tomsk you must specify cipher and tls1 Yes, then it works.
Hi, Can you please take a look into https://github.com/openshwprojects/OpenBK7231T_App/pull/1273 ? I propose several structure changes in power-measurement modules, you might be interested in. Thanks.