Hi again,
My openssl is openssl-0.9.8c-4, and SNOM 360 firmware is latest 6.5.2. I also found that somebody had problems with certificate bit size (2048/512), so generated totally new 1024 CA and 1024 certificate request, but still no luck with SNOM. ssldump seems like this:
Thanks for any hints / tips, -Mika
-- clip -- 1 1 0.0710 (0.0710) C>S Handshake ClientHello Version 3.1 cipher suites TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA TLS_RSA_WITH_NULL_MD5 TLS_RSA_WITH_NULL_SHA TLS_DH_anon_WITH_3DES_EDE_CBC_SHA TLS_DH_anon_WITH_RC4_128_MD5 TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC4_56_SHA TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA TLS_DH_anon_WITH_DES_CBC_SHA compression methods NULL 1 2 0.0780 (0.0069) S>C Handshake ServerHello Version 3.1 session_id[32]= 0e 74 fa c8 ed 22 e1 8b 0c ad aa ce f0 70 a0 a9 d6 5c d1 23 14 06 fc 37 9b 2d 7c 89 73 1c 0b 80 cipherSuite TLS_RSA_WITH_RC4_128_SHA compressionMethod NULL 1 3 0.0780 (0.0000) S>C Handshake Certificate 1 4 0.0780 (0.0000) S>C Handshake CertificateRequest certificate_types rsa_sign certificate_types dss_sign certificate_types unknown value ServerHelloDone 1 5 0.3278 (0.2498) C>S Handshake Certificate 1 6 0.3278 (0.0000) C>S Handshake ClientKeyExchange 1 7 0.3278 (0.0000) C>S ChangeCipherSpec 1 8 0.3278 (0.0000) C>S Handshake 1 9 0.3280 (0.0002) S>C Alert level fatal value handshake_failure 1 0.3284 (0.0003) S>C TCP RST -- clip --