[gnutls-help] SSL Hanshake error

Niranjan Rao nhrdls at gmail.com
Thu Nov 13 17:34:29 CET 2014

Thank you Nikos,

Unfortunately, I don't much about tls. If I want to use this in webkit, 
any idea what do I need to do?



On 11/13/2014 12:08 AM, Nikos Mavrogiannopoulos wrote:
> On Thu, Nov 13, 2014 at 3:27 AM, Niranjan Rao <nhrdls at gmail.com> wrote:
>> Greetings,
>> I am getting ssl handshake error while visiting site
>> https://www.pge.com/eum/login and some other sites using Webkit GTK 2.2.6 on
>> Ubuntu 12.04. I am really not certain which version of TLS library is
>> getting used, but it appears that glib-networking version is 2.36.1.
>> I raised the question on webkit gtk list and nice person
>> mcatanzaro at igalia.com did some initial steps for debugging the issue and
>> directed me to this mailing list for support. Following mail contains his
>> analysis.
> Hi,
>   It seems that following poodle many sites incorrectly banned SSL 3.0
> record packet versions. Since gnutls uses an SSL 3.0 record to
> advertise TLS 1.2, they are effectively banning it even if it doesn't
> advertise SSL 3.0. That is a server issue, but it can be worked around
> by using the modifier %LATEST_RECORD_VERSION, e.g.,
> gnutls-cli www.pge.com --priority "NORMAL:%LATEST_RECORD_VERSION"
> should work.
> That seems like a good opportunity to make that the default.
> regards,
> Nikos

More information about the Gnutls-help mailing list