On 5/06/2012 7:05 p.m., alextouch wrote:
>
>> It is most likely that your clients browsers or SSL libraries are
>> missing AES-256 support or are getting stuck negotiating to use a
>> version of TLS/SSL which supports it.
>>
>> Amos
>>
> Ok, but if I turn off proxy setting in clients and allow a direct connection
> to the internet, all works well.
> So I think there is something strange in my proxy machine/configuration that
> denies some packets to flow correctly through it.
> Client-side, if I leave proxy enabled and try to contact aes-256 sites, in
> netstat I can see the connection in SYN_SENT state, so that I think that
> somewhere some packets are dropped...
Just SYN_SENT? no TCP connection completed and CONNECT HTTP request
sent? (all that has to happen *before* the first octet of TLS starts)
Very strange.
Amos
Received on Tue Jun 05 2012 - 08:41:02 MDT
This archive was generated by hypermail 2.2.0 : Tue Jun 05 2012 - 12:00:03 MDT