Mailing List Archive

[lvs-users] Test weak SSL ciphers with LVS
Hello,

I try to test weak ciphers on my LVS-TUN setup, the weak cipher is explicitly disabled on the real servers (RIP) and when checking directly with the RIP, no handshake was made, which is good and expected. However, when checking with the VIP, a good handshake was made (unexpected). Since LVS is Layer 4, I wonder why there is this difference.

openssl s_client -connect RIP:443 -cipher DES
=> no handshake, expected

openssl s_client -connect VIP:443 -cipher DES
=> good handshake, unexpected

Thanks
_______________________________________________
Please read the documentation before posting - it's available at:
http://www.linuxvirtualserver.org/

LinuxVirtualServer.org mailing list - lvs-users@LinuxVirtualServer.org
Send requests to lvs-users-request@LinuxVirtualServer.org
or go to http://lists.graemef.net/mailman/listinfo/lvs-users