Displaying 1 result from an estimated 1 matches for "android7".
Did you mean:
android
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
...s also means
that the
"-no_ecdhe" option has been removed from s_server.
[Kurt Roeckx]
So when the check for OpenSSL 1.1.0 fails, the curve selection will be
forced to use secp384r1 like it would be on older versions.
This curve change during negotiation breaks the connect for Android7
devices. They are not able to negotiate any ECDHE cipher.
The dovecot log shows:
...SSL_accept() failed: error:1417A0C1:SSL
routines:tls_post_process_client_hello:no shared cipher...
but here it is not a cipher problem. Instead it is a curve problem.
This is most relevant if the server is suited w...