Re: [exim] Can't do TLS between two exim 4.80

Top Page
Delete this message
Reply to this message
Author: Viktor Dukhovni
Date:  
To: exim-users
Subject: Re: [exim] Can't do TLS between two exim 4.80
On Sat, Nov 09, 2013 at 10:59:04PM +0000, Viktor Dukhovni wrote:

> This happens even with an SSLv2 HELLO, so it is something about
> the client cipherlist, not the TLS extensions.


Note, even with a cipherlist consisting of just AES128-SHA (openssl
name), which should work across the board, I find that it works
only with SSLv3, TLSv1 and TLSv1.1, no ciphers seem to work when
TLSv1.2 is supported by the client.

Thus I would say that the server's TLS library is rather badly
broken, or there is some sort of network device in front of the
server (firewall, ...) that blocks TLSv1.2

-- 
    Viktor.