Mike Marshall wrote:
1) I couldn't find any code in the 3rd party library that calls
SSL_CTX_set_cipher_list
- does this mean I should call it myself? I thought I read
somewhere that if it wasn't called that some defaults were used or at
the very least OpenSSL could extract a list from the key/certifcate
files
There is a default setting but i don't remember which one. For testing purposes call SSL_CTX_set_cipher_list with the value "ALL" (later replace it with a selection of suites which you regard as sufficiently secure).
2) I ran ssldump and got no output from the utility, even during the initial connection to the socket from the client
I tried these three command lines:
ssldump -AdX -k .\server.pem tcp dst port 8002 ssldump -AdX -k .\server.pem ssldump -AdX \Device\Packet_{6F94DA19-0067-4E18-AE52-F3217150F0B6} -k .\server.pem tcp dst port 8002
It should at least print a one line message for each connection (even non-SSL) set up. I have used ssldump only on Unix/Linux machines, therefore i don't know whether there are special issues on Windows machines. Is WinPCAP installed correctly?
Ciao,
Richard
--
Dr. Richard W. Könning
Fujitsu Siemens Computers GmbH
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
