[gnutls-devel] GnuTLS not working with AXA !?
Nikos Mavrogiannopoulos
nmav at gnutls.org
Fri Jan 16 13:54:33 CET 2015
On Fri, Jan 16, 2015 at 1:27 PM, Tim Ruehsen <tim.ruehsen at gmx.de> wrote:
> Hi,
> while testing, I stumbled upon www.axa.co.uk.
> $ gnutls-cli -d3 -V www.axa.co.uk
It is one of the broken servers described in:
http://lists.gnutls.org/pipermail/gnutls-help/2014-November/003673.html
This server is also even more special since it also doesn't accept TLS
1.2 on the record version (thus using %LATEST_RECORD_VERSION hack
breaks it too). The server's TLS implementation is designed to work
only with fallback dance that browsers use. Anyway, for this type of
servers I have modified gnutls 3.3.x branch to not use an SSL 3.0
record version, if SSL 3.0 is disabled. I don't see any other work
around possible.
regards,
Nikos
More information about the Gnutls-devel
mailing list