-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi
I've just started my first project involving SSL, but sadly all is not rosy in
the OpenSSL garden. Perhaps you can help me out?
My server performs these OpenSSL library calls:
1. sslctx = SSL_CTX_new( SSLv3_server_method() );
2. SSL_CTX_use_RSAPrivateKey_file( sslctx, "/root/.saturn/rsa.pem",
SSL_FILETYPE_PEM );
3. ssl = SSL_new( sslctx );
4. SSL_set_fd( ssl, clientfd );
5. SSL_accept( ssl );
The problem is that the server and client can't seem to agree on a common
cipher: both sides show (the same) large list of available ciphers (using
SSL_get_ciphers()), but the SSL_connect() always results in the same error
("no shared cipher") on the server and a handshake failed error on the
client.
I've also tested using the OpenSSL s_client, and I get the same error when
used with my server.
I'm not really sure which cipher to use (I need to read up on it, I guess),
but with no restrictions (i.e. not calling SSL_CTX_set_cipher_list()) or by
restricting to individual ciphers, such as DES-CBC3-SHA, I still get the same
error.
Are there any preconditions for using these ciphers, apart from setting a
private RSA key?
The full code I use for the server is in this function:
http://www.evilrealms.net/misc/session.cpp
Cheers,
Jay
- --
http://www.evilrealms.net/ - Systems Administrator & Developer
http://www.ic.ac.uk/ - Imperial College, 2nd year CS student
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE+8kXUfJLn3O/2GbERAmHVAJ9v5aj7CQMs659EbkHcaj/5CSWGIQCg5qiI
29n3qpT6Bz8W8GlBw9BS2XQ=
=tu4g
-----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
