AnsweredAssumed Answered

Changes in OpenSSL 1.0.2f?

Question asked by Magnus Oskarsson on Feb 2, 2016
Latest reply on Feb 5, 2016 by Magnus Oskarsson



I tried with the new 1.0.2f version of OpenSSL in one of our web applications on one of our test servers. When I run the SSL Labs test before and after the upgrade (from 1.0.2e), I noticed that you with 1.0.2.f get a new information bar "This site works only in browsers with SNI support." which I have never seen before (and you don't get it with 1.0.2e). If you look under "Handshake simulation", you see a "Incorrect certificate because this client doesn't support SNI" message for Android 2.3.7 and IE 8 / XP. I tested IE 7 and 8 via BrowserStack, and our web application still looks to work with them, and the same for an Android 2.3 device, so is this an incorrect "warning" from the SSL Labs test or not? If you have any experience or knowledge on the subject, please share it here. (A note: many of our customers are large companies with VERY conservative IT policies, so unfortunately we are not yet in a position where we can state that these browsers are no longer supported).


Best regards


Magnus Oskarsson