Hi,
I have created a server and a client that connect and communicate
well if I use these ciphers:
"NULL-MD5", "NULL-SHA", "EXP-RC4-MD5", "RC4-MD5", "RC4-SHA",
"EXP-RC2-CBC-MD5", "IDEA-CBC-SHA", "EXP-DES-CBC-SHA", "DES-CBD-SHA",
"DES-CBC3-SHA", "AES128-SHA"," AES256-SHA".

The client and the server use the TLSv1 protocol.

My problem is that when I want to use the other TLSv1 ciphers, this error happens:
2042:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:882:

But I do not understand this, because I use the same cipher for
the client as for the server.

I am trying with EDH-RSA-DES-CBC-SHA, but it does not work.

I generate the RSA key with the following command:
openssl genrsa -des3 -out rsaclient.key 1024

and the certificate:
openssl req -new -sha1 -x509 -key rsaclient.key -out rsaclient.crt

Furthermore, I added these lines to the server:

RSA *rsa = NULL;
DH *dh = NULL;
FILE *dhParamFile;

SSL_CTX_set_options( ctx, SSL_OP_EPHEMERAL_RSA );
SSL_CTX_set_options( ctx, SSL_OP_SINGLE_DH_USE );
dhParamFile = fopen( "dh_param_512.pem", "r" );
dh = PEM_read_DHparams( dhParamFile, NULL, NULL, NULL );
fclose( dhParamFile );
rsa = RSA_generate_key( 1024, RSA_F4, NULL, NULL );
SSL_CTX_set_tmp_rsa( ctx, rsa );


The connection was successful with the ciphers that I listed at the start
of the e-mail with this code added.

PS: I use the same certificate and key for server and client. The
server calls SSL_CTX_set_verify( SSL_CTX *ctx, SSL_VERIFY_PEER,
verify_callback );
but verify_callback returns 1, so the client's certificate is always
accepted by the server.


Thank you very much.

Bye.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
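
The server lines in the post read DH parameters into `dh`, but none of the lines shown hands them to `ctx` (for example with `SSL_CTX_set_tmp_dh`), and an OpenSSL server only considers EDH suites when ephemeral DH parameters are installed in the context. The following is an added example, not code from the post or from OpenSSL: a simplified model of that selection step, in which every struct, enum and function name is an assumption made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Capability bits; names are this example's own, not OpenSSL's. */
enum { KX_RSA = 1, KX_EDH = 2, AU_RSA = 4 };

struct suite { const char *name; unsigned kx, au; };

/* Three suites named in the post and the key exchange each one needs. */
static const struct suite SUITES[] = {
    { "AES128-SHA",          KX_RSA, AU_RSA },
    { "DES-CBC3-SHA",        KX_RSA, AU_RSA },
    { "EDH-RSA-DES-CBC-SHA", KX_EDH, AU_RSA },
};
#define NSUITES (sizeof SUITES / sizeof SUITES[0])

/* Modelled server state. dh_loaded = parameters read from the PEM file;
 * dh_installed = parameters registered with SSL_CTX_set_tmp_dh(). */
struct server_cfg { int rsa_cert, dh_loaded, dh_installed; };

/* Only material installed in the context counts; dh_loaded is ignored. */
static unsigned server_mask(const struct server_cfg *c) {
    unsigned m = 0;
    if (c->rsa_cert)     m |= KX_RSA | AU_RSA;
    if (c->dh_installed) m |= KX_EDH;
    return m;
}

/* First offered suite the server can serve, or NULL ("no shared cipher"). */
const char *choose_cipher(const struct server_cfg *c,
                          const char **offered, size_t n) {
    unsigned m = server_mask(c);
    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < NSUITES; j++)
            if (strcmp(offered[i], SUITES[j].name) == 0 &&
                (SUITES[j].kx & m) && (SUITES[j].au & m))
                return SUITES[j].name;
    return NULL;
}

int main(void) {
    const char *offer[] = { "EDH-RSA-DES-CBC-SHA" };
    struct server_cfg posted = { 1, 1, 0 }, installed = { 1, 1, 1 };
    const char *a = choose_cipher(&posted, offer, 1);
    const char *b = choose_cipher(&installed, offer, 1);
    printf("as posted: %s\n", a ? a : "no shared cipher");
    printf("DH in ctx: %s\n", b ? b : "no shared cipher");
    return 0;
}
```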
