From 5ef24a806d0c74920fbfbb930c40f460a62688bd Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 14 Aug 2013 16:34:17 +0100 Subject: [PATCH] Add the server 'hang' issue to the FAQ --- FAQ | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/FAQ b/FAQ index df681c8168..612e33060c 100644 --- a/FAQ +++ b/FAQ @@ -35,6 +35,7 @@ OpenSSL - Frequently Asked Questions * What is a "128 bit certificate"? Can I create one with OpenSSL? * Why does OpenSSL set the authority key identifier extension incorrectly? * How can I set up a bundle of commercial root CA certificates? +* Some secure servers 'hang' with OpenSSL 1.0.1, is this a bug? [BUILD] Questions about building and testing OpenSSL @@ -491,6 +492,16 @@ bundle used by Mozilla and/or modssl as described in this article: +* Some secure servers 'hang' with OpenSSL 1.0.1, is this a bug? + +OpenSSL 1.0.1 is the first release to support TLS 1.2, among other things, +this increases the size of the default ClientHello message to more than +255 bytes in length. Some software cannot handle this and hangs. For more +details and workarounds see: + + + + [BUILD] ======================================================================= * Why does the linker complain about undefined symbols? -- 2.40.0