A client we are connecting to are upgrading to make their platform SHA-2/TLS1.2 compliant.
In accordance with this I am trying to test to ensure that we're able to connect this way in the above version. The docs indicate that the connection will negotiate with the server for the highest version available and use that.
How ever it's unclear which SSL protocols this version of the chilkat.http module support, and we are receiving the following error:
Gateway.S3Ssl is set to true. (docs note: If True, Chilkat uses TLS 1.2) Gateway.SslProtocol is set to default. Gateway.SetSslClientCertPem returns true also.
Can anyone advise why we are failing to read beginning of SSL/TLS record and if this is even related to TLS version?
asked Oct 25 '16 at 12:04
You're using a very old version of Chilkat. The solution is to update to the latest version.
If the server finds all of the options (protocol version, cipher suites, etc.) listed in the ClientHello as unacceptable, then it will (likely) immediately disconnect. You're using a very old version of Chilkat, and much has been added to TLS since 4 years ago.
Also... 4 years from now, I'm sure there will be servers with stringent requirements that won't accept this current October 2016 version of Chilkat, but given that Chilkat will keep up to date, the October 2020 version will be fine. In general, when there's a chance in the development schedule to update to a later version of Chilkat, it is wise to do so. The external world of servers and protocols is not stationary. You don't want to wait 4 years before updating. It's best to update on a more frequent schedule, even if once per year.
answered Oct 26 '16 at 09:37