[squid-users] OT: why does openssl-1.0.1f not like https://www.bnz.co.nz/?
Jason Haar
Jason_Haar at trimble.com
Thu Nov 13 02:22:36 UTC 2014
On 13/11/14 15:04, Amos Jeffries wrote:
> Sounds to me like they are using SSLv3 in their server.
Yes but "openssl s_client -tls1" also works, it just appears that
openssl cannot negotiate it - it has to be hardwired
> Lookup "SSLv3 POODLE" for what is happening in that area.
I thought it would be related, so it appears the newest version of
openssl cannot talk to some servers that "only" support TLSv1.0? That
doesn't sound right...
But as you say, once the browsers start breaking, I bet sites will
rapidly get upgraded. Hard to believe, but right now the Bank of New
Zealand doesn't support TLSv1.1, let alone TLSv1.2!
--
Cheers
Jason Haar
Corporate Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
More information about the squid-users
mailing list