Question about handshake error

Kurt Roeckx kurt at
Wed Mar 11 13:18:25 UTC 2020

On Wed, Mar 11, 2020 at 12:15:32PM +0000, Matt Caswell wrote:
> I *think* what is happening is the server is checking the chain it has
> been configured with, spotting that it includes a SHA1 based signature
> and therefore refusing to respond at all because the client has not
> indicated SHA1 support. IIRC openssl is a little less strict in this
> regards and would send the certificate anyway if it doesn't have a
> better alternative.

That seems to be the same as:


More information about the openssl-users mailing list