Hi,

We are trying to send POST request to an https url using libcurl. The
remote https server only accepts SSLv3 & TLS 1.0.

Our libcurl client always tries to initiate the request with TLS 1.2
and fails the handshake.

I tried with below option to force protocol & cipher manually.

curl_easy_setopt(m_pCurl, CURLOPT_SSLVERSION,CURL_SSLVERSION_SSLv3);
curl_easy_setopt(m_pCurl, CURLOPT_SSL_CIPHER_LIST, (char*)"SSLv3");

This works fine on Linux64, but on AIX machine there is no effect. It
still shows the same handshake failure. On windows64, without above
enforcement itself it works.

* About to connect() to testing.com port 443 (#4)
* Trying 200.200.200.200...
* Adding handle: conn: 0x114c5ad70
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 4 (0x114c5ad70) send_pipe: 1, recv_pipe: 0
* Connected to testing.com (200.200.200.200) port 443 (#4)
* successfully set certificate verify locations:
* CAfile: /home/csiqueir/s.crt
  CApath: none
* error:14077102:SSL routines:SSL23_GET_SERVER_HELLO:unsupported protocol
* Closing connection 4

Above is the debug verbose log we get during failure. I captured the
https traffic, Client starts with TLS1.2 Hello, Server with SSLv3 and
then Client fails the handshake as attached files.

versions are -
libcurl - 7.30.0_K
openssl - 1.0.1_M

Can anybody help me out with this issue ? I'm stuck with this almost
from 1 month.

Any pointers would be great.

Thanks,
Vamsi

-------------------------------------------------------------------
List admin: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html