"Unexpected SSL error (in handshake): 1" when using port 443 and TLS about stud HOT 5 CLOSED

Please try using the -tls1 flag to openssl s_client, or run stud with --ssl. Reopen if that doesn't solve your problem. I can't quite explain the port number other than maybe assumptions change if it's not running in the port typically reserved for HTTPS services (which are, generally, speaking SSLv23).

from stud.

On Wed, Oct 12, 2011 at 06:55:15PM -0700, Jamie Turner wrote:

Please try using the -tls1 flag to openssl s_client, or run stud with
--ssl. Reopen if that doesn't solve your problem. I can't quite explain
the port number other than maybe assumptions change if it's not running in
the port typically reserved for HTTPS services (which are, generally,
speaking SSLv23).

But OpenSSL is only one of the problem clients -- any browser I tried had the
exact same issue. Is really the default stud configuration supposed to be
unusable with a browser?

/* Steinar */

Homepage: http://www.sesse.net/

from stud.

Yes, many browsers are unhappy if you're not serving SSLv23. stud was originally designed to tunnel TLS things generically, not just to serve HTTPS.

from stud.

I can put a larger note on the README to clarify things.

from stud.

Done. And just to be explicit about the reasoning of default behavior:

• Stud is a secure tunneler of any socket service. The world is not all web browsers and web servers.
• The default configuration is to tunnel that service over the best available protocol, TLSv1.
• If some deployed agent constrains the ability to use TLSv1 (as browsers do), SSLv23 can be used instead by simply providing the --ssl option to stud

Hopefully that clears things up.

from stud.