cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: curl 7.19.5 with GnuTLS/2.8.3 fails SSL (AES256-SHA) unless SSLv3 explicitly set

From: Kamil Dudka <kdudka_at_redhat.com>
Date: Mon, 21 Jun 2010 00:24:06 +0200

On Sunday 20 of June 2010 23:56:12 Octavius Gracchus wrote:
> suggested fix: if linked with GnuTLS, activate SSLv3 automatically.

So you hit a broken server and setting the SSL version back to SSLv3
solved _your_ problem. But that's not reason for us to use SSLv3 by
default. Generally TLSv1 is preferred over the previous versions of
SSL because it's more secure etc.

You may consider using libcurl over NSS as there is implemented
an automatic fallback to SSLv3 if the handshake fails with certain
errors. But again, that's only a workaround for broken _servers_.

Kamil
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-06-21

This message: [ Message body ]
Next message: Hanmei.Zhang_at_t-systems.com: "Need urgend help to use libcurl to transfer zip file via FTP"
Previous message: Octavius Gracchus: "curl 7.19.5 with GnuTLS/2.8.3 fails SSL (AES256-SHA) unless SSLv3 explicitly set"
In reply to: Octavius Gracchus: "curl 7.19.5 with GnuTLS/2.8.3 fails SSL (AES256-SHA) unless SSLv3 explicitly set"
Next in thread: Daniel Stenberg: "Re: curl 7.19.5 with GnuTLS/2.8.3 fails SSL (AES256-SHA) unless SSLv3 explicitly set"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]