Hi nitass,
thanks for your response.
This is my test:
$ openssl s_client -connect 10.40.5.10:443 -reconnect
[...]
No client certificate CA names sent
SSL handshake has read 5934 bytes and written 893 bytes
New, TLSv1/SSLv3, Cipher is AES128-SHA Server public key is 4096 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : AES128-SHA Session-ID: D3E36ACF934B950E3924926DA922667B457160FA70B48F9F43A11CD252A7A6B6 Session-ID-ctx:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1429892007
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
drop connection and then reconnect CONNECTED(00000003)
New, TLSv1/SSLv3, Cipher is AES128-SHA Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1.2 Cipher : AES128-SHA Session-ID: D3E36ACF93495B1A3924926DA922657A2690A7AA1352D4B443A11CD252A7A6B9 Session-ID-ctx:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1429892008
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
[...]
Can you show the config of the client SSL profile?
I suspect that it can be related with the protocol used in the cipher suite.
Regards,