trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Peach <jpe...@apache.org>
Subject Re: Centos 5.8 and Traffic Server SSL
Date Thu, 28 Jul 2016 09:59:09 GMT

> On Jul 22, 2016, at 11:23 PM, Steve Malenfant <smalenfant@gmail.com> wrote:
> 
> So there is absolutely no way I can connect a Centos 5 client to ATS/https?

I don’t know why this wouldn’t work, but it can be difficult to debug what is hindering
the negotiation. I’d start attacking this by taking a packet trace of a working TLS session
to see what is negotiating successfully. That will give you a target for what you have to
do on the ATS side.

>  
> 
> All my tests were on internal networks in the lab. This would eventually needs to connect
on external networks (on ACLs), but this is simply trying to run a proof of concept.
> 
> Thanks,
> 
> 
> On Fri, Jul 22, 2016 at 9:16 AM, Reindl Harald <h.reindl@thelounge.net> wrote:
> 
> 
> Am 22.07.2016 um 15:02 schrieb Steve Malenfant:
> I'm trying to connect and older proprietary system running on Centos 5.8
> to an internal CDN running ATS 5.3.2 via https. Somehow I can connect to
> a bunch of different sites, but not to ATS.
> 
> I don't know much about SSL, but I can't get pass initial handshake
> which is saying there is "no shared ciphers"
> 
> i fear the TLS support in CentOS 5 is a dead road these days
> CentOS6 has acceptable backports - but CentOS5 - no
> 
> why does the CentOS5 sit outside and connect via TLS to internal machines running ATS?
normally you are doing things the other way - having internal nodes without TLS and use ATS
for SSL offloading so that oldm oputdated stuff is not exposed to the internet
> 
> 


Mime
View raw message