GNOME Bugzilla – Bug 527633
Unable to connect to https url with TLS 1.0
Last modified: 2009-11-24 15:48:28 UTC
The SSL off loading appliance in front of our Exchange server currently can only do TLS 1.0. When I attempt to connect to it using Evolution Exchange 2.22.x it instantly fails. I've confirmed by sniffing the traffic that it attempts to make the connection using TLS1.1 and doesn't fall back to TLS1.0.
which exact libsoup version is used, which distribution is this? can you provide the sniffing output (please remove any confidential data) that shows the failure?
(In reply to comment #1) > which exact libsoup version is used, which distribution is this? > can you provide the sniffing output (please remove any confidential data) that > shows the failure? I've reproduced the issue using the Fedora 9 beta releases (libsoup 2.4.1-1.fc9), but we have reports of the problem from GenToo users and people testing the upcoming Ubuntu releases. It might take me a little while to clean up the tcpdump. Basically it just shows the connection from Evolution initiated as TLS1.1 and no further traffic after it fails. I'll see if I can include the response from the SSL off loader here as that'll probably take less time anyway.
Dan, is this the same as bug #581342, please? It seems to me, but I'm not sure.
Yes, and it's fixed in libsoup 2.28. (We actually skip both TLS 1.1 and TLS 1.0 now, and go with just SSL 3.0, which everyone supports, because $@!#$! PayPal can't do anything more modern than that.)
Thanks, then I'm marking this as a duplicate. *** This bug has been marked as a duplicate of bug 581342 ***