Frustration

Michael Simms Sat, 4 Sep 1999 22:07:30 -0700
Hi

<disclaimer>
I dont know much about encryption. I have tried to learn about using open SSL
from examples and documentation
</disclaimer>

I am stuck. In a word

I am trying to create an SSL connection to a secure webserver. It just
isnt working.

Now, I have got some connections working, but the really important one
just isnt happening. This is needed by me so I can set up a link to a
secure credit card server I am dealing with.

The following is the code I use to negotiate the connection:


  SSL_CTX *ctx;
  SSL *ssl=0;
  SSL_METHOD *ssl_meth=0;

  SSLeay_add_all_algorithms();
  SSL_load_error_strings();

  ssl_meth=SSLv23_method();
  ctx = SSL_CTX_new(ssl_meth);
  ssl = SSL_new(ctx);

  SSL_set_fd(ssl,fd);

  if (SSL_connect(ssl)==-1)
    return -1;

  return ssl;
}

This seems to work FINE on most servers, however on one, it doesnt. I
try and connect, and I get a positive connection. I try and send
anything to it in SSL_write, I get 

22680:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:203:

So, in the example, I am given the following as a way to check the
cipher (which is what it is using to encrypt everything, right?)

printf ("SSL connection using %s\n", SSL_get_cipher (ssl));

And I get:
SSL connection using (NONE)

Now, I looked at http://www.netcraft.com/sslwhats/?host=www.multicards.com

This told me that the server I am querying supports the following:

Apache/1.2.6 BSafe-SSL/1.1 FrontPage/3.0.4

    Supported SSL ciphers: 
        RC4 with MD5 
        RC4 with MD5 (export version restricted to 40-bit key) 
        RC2 with MD5 
        RC2 with MD5 (export version restricted to 40-bit key) 
        DES with MD5 
        Triple DES with MD5 
        RC4-64-MD5

Now these are the SAME ciphers as another site I tried that works!

Am I doing something wrong? Is this site just being more strict than
others about letting me send data to it? What can I do?

The site in question is https://www.multicards.com

If anyone has any idea how to solve this I would be very grateful, I
have been working on this for two days now, and I have my job riding
on being able to fix this.

Thanks

                                        M Simms
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
Frustration

Reply via email to
