Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[Jung Bin Kim]

Hi. guys.

Is there any one who success handshaking with tls_server?

It's under the test cases 1221, 1222 and 1223 of ATNA (may be more).

I've tried many other tls client program to connect the mesa tls server.

But, always the error comes up at the mesa tls_server.

        ERROR

or

        ERROR E: Unable to complete handshake, ready to loop around for new connection

I can't figure it out what makes the problem. (I'm tied it up for 2 weeks)

Plz, tell me what drives me crazy.  :(

I wish your answers (if you may have).

Regards

Ben

[Yonatan Maman]

Hi

I've managed to pass those tests.
One problem that I had to solve is how to configure the client to work with
the cipher suite TLS_RSA_WITH_NULL_SHA . The mesa TLS server is configured
to work with the cipher suite.
In addition make sure that you are working with TLS protocol.

Hope it helps
Yonatan Maman
-------------------------------------
IBM Haifa Research Labs
Tel: 972-4-8281039
E-mail: yma...@il.ibm.com

Jung Bin Kim
<bineq@infinitt.c
om> To
ihe...@rsna.org
29/11/06 08:04 cc

Subject
Please respond to Is there any one who success
Jung Bin Kim handshaking with tls_server? (1221,
<bineq@infinitt.c 1222, 1223)
om>

[jim.cha...@agfa.com]

What version of the Mesa software are you running?  I had a similar problem that went away when I upgraded to Mesa 10.9.0.

Jim

Jung Bin Kim <bi...@infinitt.com> 11/29/2006 01:04 AM Please respond to Jung Bin Kim <bi...@infinitt.com>

To ihe...@rsna.org cc Subject Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[Charpentier, Yvan]

What are you using to connect?

I am using C# and SslStream. When I connect to the tls_server, it goes
to consume 100% CPU and never comes back.

Was anyone on Windows able to connect to the tls_server using native
APIs (ie no OpenSSL wrappers)?

-Yvan
NextGen Healthcare

[Yonatan Maman]

I used IBM JDK 1.4.2 and Sun's JDK 1.5 (on Linux and Windows) : both
worked fine after configuring the JSSE2 (Java Secure Socket Extension)
provider.

10x,

Yonatan Maman
-------------------------------------
IBM Haifa Research Labs
Tel: 972-4-8281039
E-mail: yma...@il.ibm.com

"Charpentier,
Yvan"
<YCharpentier@nex To
tgen.com> Yonatan Maman/Haifa/IBM@IBMIL,
"Jung Bin Kim" <bi...@infinitt.com>
29/11/06 16:49 cc
<ihe...@rsna.org>
Subject
Please respond to RE: Is there any one who success
"Charpentier, handshaking with tls_server? (1221,
Yvan" 1222, 1223)
<YCharpentier@nex
tgen.com>

[Nuno Pina Cabral]

Hi Yvan,

We succeeded on Windows using OpenSSL.
Make sure your system is configured to use the certification list provided
by Steve Moore and that you use the correct ciphersuite:
TLS_RSA_WITH_NULL_SHA.

Regards,

Nuno

[Glenn Deen]

Yvan,

We've also been able to pass the tests as well using Java's SSL.

Glenn Deen, Computer Science
IBM Almaden Research Center - San Jose California
gl...@almaden.ibm.com (408)927-3910/(tie)457-3910

"Nuno Pina Cabral" <nuno.pin...@mni.pt> 11/29/2006 07:49 AM Please respond to "Nuno Pina Cabral" <nuno.pin...@mni.pt>

To "'Charpentier, Yvan'" <YCharp...@nextgen.com>, "'Yonatan Maman'" <YMA...@il.ibm.com>, "'Jung Bin Kim'" <bi...@infinitt.com> cc

[Jung Bin Kim]

Hi. Jim

I'm under the mesa 10.9.0 the latest version.

The client runs under the .NET Framework with C#.

Thanks.

Regards.

Ben.

jim.cha...@agfa.com 11/29/2006 10:42 PM

수신인 Jung Bin Kim <bi...@infinitt.com> 참조인 ihe...@rsna.org 제목 Re: Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[Jung Bin Kim]

Hi. Maman

I' sorry to answer you too late.

As I know, our system uses the cipher suite TLS_RSA_WITH_NULL_SHA.

I'll check it more and let you know.

Thanks.

Regards.

Ben

Yonatan Maman <YMA...@il.ibm.com> 11/29/2006 03:57 PM

수신인 Jung Bin Kim <bi...@infinitt.com> 참조인 ihe...@rsna.org 제목 Re: Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[Jung Bin Kim]

Hi Yvan

I am also using C# with Org.Mentalis.Security.dll (and so on, SSLBlackBox and something)

Org.Mentalis.Security is kind of a SSL/TLS Helper class what I found on the web.

I've encountered the consuming 100% CPU problem too.

I think the problem occurs during the handshaking between client and server.

But, it's ok between the mesa tls client and the mesa tls server.

What you think about?

Thanks

Regards.

Ben.

"Charpentier, Yvan" <YCharp...@nextgen.com> 11/29/2006 11:49 PM

수신인 "Yonatan Maman" <YMA...@il.ibm.com>, "Jung Bin Kim" <bi...@infinitt.com> 참조인 <ihe...@rsna.org> 제목 RE: Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[Karen Witting]

I have not been able to connect to the tls server on mesa (test 1221, 1222, 1223) but I successfully connected to the NIST TLS server.

When I connect to the mesa tls server my client and the mesa server hang.  We tried a module which previously passed the mesa tls testing and it is now hanging.  I suspect that a bug in the tls server has been introduced in a later release of mesa.  

We opened Flyspray bug #96 on this issue.

Karen

Jung Bin Kim <bi...@infinitt.com>

11/29/2006 01:04 AM Please respond to Jung Bin Kim <bi...@infinitt.com>

To ihe...@rsna.org cc Subject Is there any one who success handshaking with tls_server? (1221, 1222, 1223)

[rita.n...@softmedical.com]

hi all,
to pass the handshake for test number 1221
add the mesa unregistered certificate in your application trusted store

the mesa server seems to use this one

Rita