Oracle Weblogic 10.3 + gnutls-cli = A TLS fatal...
Michael Meyer
mime at gmx.de
Tue Feb 16 15:34:03 CET 2010
*** Simon Josefsson <simon at josefsson.org> wrote:
> Michael Meyer <mime at gmx.de> writes:
> >> Michael can you try that? Also try %SSL3_RECORD_VERSION.
> >
> > gnutls-cli -p 5556 GFDGFDGSFD --priority "NORMAL:%COMPAT:-VERS-TLS1.1:+ARCFOUR-40:+RSA-EXPORT"
> >
> > That's it. It works. http://pastebin.com/m357f13b2
>
> Do you need all of them?
Yes.
> Try removing each of them until it breaks, and
> until you have tried removing all items.
I did. ;) If even one option is away, it no longer works.
> > Any hints how to make this work also with C-code? :) One of our
> > C-Developers ask me that. We are looking for the best way to
> > *always* get a connection in C? Even if there is something
> > "strange" on the remote side.
>
> Call something like this:
>
> rc = gnutls_priority_set_direct (session, "NORMAL:%COMPAT....", NULL);
>
> http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-set-direct
> http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-init
Ok. I'll pass the information to our C-developers. It seems that we
need some deeper knowledge about GnuTLS in our project (http://openvas.org).
Anybody interested to help? ;)
Micha
More information about the Gnutls-help
mailing list