Hello, > I have a written a simple client-server program in which I am trying to communicate > between client and server using SSL by setting peer authentication OFF on both sides. > > When I don't set any certificates on server side, I am getting this error s3_srvr.c > (985): 41153: no shared cipher > > If I set certificate on server side, it is working fine. > > I have read TLSv1 RFC2246, in 7.3 section, they have given server sending its > certificate is optional. > > So, is it a restriction/limitation on openssl side? OR Am I doing any mistake?. I tried > look for the similar problems in openssl mail archive, but could not find any. This is because anonymous ciphers are disabled by default. You may test this with: $ openssl s_server -nocert $ openssl s_client this will give you no shared cipher. But if you enable anonymous ciphers: $ openssl s_server -nocert -cipher aNULL $ openssl s_client -cipher aNULL connection will be established properly. Of course commands: $ openssl s_server -nocert -cipher ALL $ openssl s_client -cipher ALL works too.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
