New issue 1229 by etienne....@gmail.com: HTTPS connection in Chromium
fallback to SSL 3.0
http://code.google.com/p/cherokee/issues/detail?id=1229
What steps will reproduce the problem?
1. Configure the server to use TLS/SSL, set the port (443), add the key &
certificate.
2. Visit a page of the site under HTTPS in Chromium.
3. Click the lock icon in the URL bar to see the site information
What is the expected output? What do you see instead?
No warning (use TLS). But I have this warning :
Your connection to 192.168.2.13 is encrypted with 256-bit encryption.
The connection uses SSL 3.0.
The connection is encrypted using AES_256_CBC, with SHA1 for message
authentication and DHE_RSA as the key exchange mechanism.
The connection is not compressed.
The connection had to be retried using SSL 3.0. This typically means that
the server is using very old software and may have other security issues.
What version of the product are you using? On what operating system?
0.99.39 AND 1.2.98 on Ubuntu 10.04 with OpenSSL 0.9.8k.
Please provide any additional information below.
_______________________________________________
Cherokee-dev mailing list
Cherok...@lists.octality.com
http://lists.octality.com/listinfo/cherokee-dev
More info on possible cause in comment 4 here:
http://code.google.com/p/chromium/issues/detail?id=72716
Comment #2 on issue 1229 by alobbs: HTTPS connection in Chromium fallback
Everything works as expected on Trunk now (1.2.99 plus a few patches).
Thank you very much for reporting!!
Attachments:
Cherokee-Chrome-TLS_1.png 13.2 KB