[stunnel-users] the connection had to be retried using SSL 3.0. This typically means that the server is using very old software and may have other security issues :(
Michal.Trojnara at mirt.net
Fri Apr 6 12:53:46 CEST 2012
Thomas Manson wrote:
> gmail for example has AES_128_CBC for crypting,
> can we get that without much effort?
Of course. The option you want is:
ciphers = AES128-SHA
BTW: Bear in mind that CBC-based ciphers are vulnerable to the Beast
attack, and thus *less* secure than stunnel default.
More information about the stunnel-users