I found result of ' gnutls-cli-debug www.evernote.com' show that
Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... failed
Checking for TLS 1.2 support... no
'$ gnutls-cli-debug sandbox.evernote.com' shows
Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... SSL 3.0
Checking for TLS 1.2 support... no
and sandbox works fine.
But Evernote client for windows works fine on MS windows7.
Because
1. WIndows 7 don't enable TLS1.1/1.2 by default
2. Windows 7 have a mechanism to fall back(close socket and create new connection) to SSLv3/TLSv1 that is not defined in IETF RFC.
My first proposal is implement (1) but fails to accept. So I take an approach (2).
Evernote problem is likely a server problem because openssl and gnutls also fails to connect
with command line utility.
$ openssl s_client -connect www.evernote. com:443
$ gnutls-cli www.evernote.com
both fails to negotiate ssl.
I found result of ' gnutls-cli-debug www.evernote.com' show that
Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... failed
Checking for TLS 1.2 support... no
'$ gnutls-cli-debug sandbox. evernote. com' shows
Checking for TLS 1.0 support... yes
Checking for TLS 1.1 support... no
Checking fallback from TLS 1.1 to... SSL 3.0
Checking for TLS 1.2 support... no
and sandbox works fine.
But Evernote client for windows works fine on MS windows7.
Because
1. WIndows 7 don't enable TLS1.1/1.2 by default
2. Windows 7 have a mechanism to fall back(close socket and create new connection) to SSLv3/TLSv1 that is not defined in IETF RFC.
My first proposal is implement (1) but fails to accept. So I take an approach (2).