help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Oracle Weblogic 10.3 + gnutls-cli = A TLS fatal...

From: Simon Josefsson
Subject: Re: Oracle Weblogic 10.3 + gnutls-cli = A TLS fatal...
Date: Tue, 16 Feb 2010 14:22:00 +0100
User-agent: Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) 
Michael Meyer <address@hidden> writes:

> *** Simon Josefsson <address@hidden> wrote:
>> Nikos Mavrogiannopoulos <address@hidden> writes:
>> > Michael Meyer wrote:
>
>> >>>> http://pastebin.com/f56a825f6
>> >>> gnutls-cli --disable-extensions -p 5556 GFDGFDGSFD -d 4711 -V --priority 
>> >>> "NORMAL:%COMPAT:-VERS-TLS1.1:-CTYPE-OPENPGP"
>> >
>> > He needs to add +ARCFOUR-40 and +RSA-EXPORT as well. They are not
>> > enabled by default.
>
> I've tried with +ARCFOUR-40 but never with +RSA-EXPORT.
>
>> Michael can you try that?  Also try %SSL3_RECORD_VERSION.
>
> gnutls-cli -p 5556 GFDGFDGSFD --priority 
> "NORMAL:%COMPAT:-VERS-TLS1.1:+ARCFOUR-40:+RSA-EXPORT"
>
> That's it. It works. http://pastebin.com/m357f13b2

Do you need all of them?  Try removing each of them until it breaks, and
until you have tried removing all items.

> Any hints how to make this work also with C-code? :) One of our
> C-Developers ask me that. We are looking for the best way to
> *always* get a connection in C? Even if there is something
> "strange" on the remote side.

Call something like this:

rc = gnutls_priority_set_direct (session, "NORMAL:%COMPAT....", NULL);

http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-set-direct
http://www.gnu.org/software/gnutls/reference/gnutls-gnutls.html#gnutls-priority-init

/Simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]