-
Bug
-
Resolution: Fixed
-
P3
-
1.4.0
-
rc
-
generic
-
generic
****
Submitter did not understand the intent of SSLv2Hello. This should
be clarified, and include the effects of what happens on both client
and server sides.
Brad
****
When disabling "SSLv2Hello" on the server (by calling
javax.net.ssl.SSLServerSocket.setEnabledProtocols with a string array
containing "SSLv3" and "TLSv1"), I get this exception:
javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
on the server when the client initiates a handshake.
In order for this to work, I also need to explicitly disable
"SSLv2Hello" on the client.
Submitter did not understand the intent of SSLv2Hello. This should
be clarified, and include the effects of what happens on both client
and server sides.
Brad
****
When disabling "SSLv2Hello" on the server (by calling
javax.net.ssl.SSLServerSocket.setEnabledProtocols with a string array
containing "SSLv3" and "TLSv1"), I get this exception:
javax.net.ssl.SSLHandshakeException: SSLv2Hello is disabled
on the server when the client initiates a handshake.
In order for this to work, I also need to explicitly disable
"SSLv2Hello" on the client.