The goal is to perform load testing of the Web server via HTTPS, which is configured to work on GOST algorithms. On a server with an openssl ciphers tank, openssl ciphers issues a list of which is GOST. I started the load test and in the intercepted traffic you can see that the Handshake does not pass: in the Client Hello message in the Cipher suites list, there is no GOST. When executing the openssl s_client -connect ipserver:port -key gosrPrivate.pem -cert gostCert.pem -msg from the server with the GET tank, the request is successful. What could be the problem?
r2d2 r2d2
637 3 silver marks 12 bronze marks
|
1 answer
Cave in support for client ciphers and certificates
Try to put a phantom and a tank from the repositories?
r2d2 r2d2
637 3 silver marks 12 bronze marks
- if the gost engine is connected with the /etc/ssl/openssl.conf config, phantom ignores it. That is, you need something like this: r2d2 @ ubuntu: ~ / phantom $ git diff pd / ssl / ssl.C -U1 diff - git a / pd / ssl / ssl.C b / pd / ssl / ssl. C index a0c9774..77c8c47 100644 --- a / pd / ssl / ssl.C +++ b / pd / ssl / ssl.C @@ -17.6 +17.7 @@ #include <openssl / engine. h> + # include <openssl / conf.h> @@ -48.6 +49.7 @@ struct mgr_t {inline mgr_t () throw () {+ OPENSSL_config (NULL); SSL_library_init (); r2d2 @ ubuntu: ~ / phantom $ - r2d2
|