curl-library
Re: curl 7.19.5 with GnuTLS/2.8.3 fails SSL (AES256-SHA) unless SSLv3 explicitly set
Date: Mon, 21 Jun 2010 00:24:06 +0200
On Sunday 20 of June 2010 23:56:12 Octavius Gracchus wrote:
> suggested fix: if linked with GnuTLS, activate SSLv3 automatically.
So you hit a broken server and setting the SSL version back to SSLv3
solved _your_ problem. But that's not reason for us to use SSLv3 by
default. Generally TLSv1 is preferred over the previous versions of
SSL because it's more secure etc.
You may consider using libcurl over NSS as there is implemented
an automatic fallback to SSLv3 if the handshake fails with certain
errors. But again, that's only a workaround for broken _servers_.
Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-06-21