DTLS disabled on server?

David Woodhouse dwmw2 at infradead.org
Mon Oct 3 12:35:28 PDT 2016

On Mon, 2016-10-03 at 21:24 +0200, Peter Brant wrote:
> AES128-SHA
> AES256-SHA
> The server is now returning X-DTLS-CipherSuite: AES256-SHA.
> I must confess my knowledge of encryption is rudimentary. Is the High
> selection even reasonable? If so, might it be supported in a later
> version of OpenSSL?

It'll work today. Can you build the client with OpenSSL and just try
adding '--dtls-ciphers DHE-RSA-AES256-SHA' or
'--dtls-ciphers DHE-RSA-AES128-SHA' on the command line?

If that's working, I'll try to fix it for the GnuTLS build too.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5760 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20161003/a7dacae5/attachment.bin>

More information about the openconnect-devel mailing list