[openssl-users] Broken ChangeCipherspec record in TLS 1.2 with OpenSSL 1.0.2d?
Paul Hebert
pauljosephhebert at gmail.com
Thu Aug 6 12:48:33 UTC 2015
We are using a wildcard certificate requiring SNI and are also requiring
client certificate authentication.
Our TLS 1.2 client is seeing a ChangeCipherspec record with length 30 bytes
(x19) instead of the expected 0x01. The broken ChangeCipherspec record
looks like this (hex) *14 03 03 00 01 19*. Is this a problem with the TLS
1.2 client, or a problem with the OpenSSL 1.0.2d patch (for CVE-2015-1793)?
Thanks,
Paul Hebert/State University of New York
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150806/39449ec9/attachment.html>
More information about the openssl-users
mailing list