On Sat, Nov 09, 2013 at 10:59:04PM +0000, Viktor Dukhovni wrote:
> This happens even with an SSLv2 HELLO, so it is something about
> the client cipherlist, not the TLS extensions.
Note, even with a cipherlist consisting of just AES128-SHA (openssl
name), which should work across the board, I find that it works
only with SSLv3, TLSv1 and TLSv1.1, no ciphers seem to work when
TLSv1.2 is supported by the client.
Thus I would say that the server's TLS library is rather badly
broken, or there is some sort of network device in front of the
server (firewall, ...) that blocks TLSv1.2
--
Viktor.
