Hi Rajat: On Tuesday 29 January 2008 01:46:39 [EMAIL PROTECTED] wrote: > Hi All, > <snip> > ./openssl s_client -connect 192.168.32.164:32001 -no_ssl2 -cipher > DHE-DSS-AES256-SHA -state > > CONNECTED(00000004) > SSL_connect:before/connect initialization > SSL_connect:SSLv2/v3 write client hello A > SSL3 alert read:fatal:handshake failure > SSL_connect:error in SSLv2/v3 read server hello A > 22893:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake failure:s23_clnt.c:562: > > ./openssl s_client -connect 192.168.32.164:32001 -no_ssl2 -cipher > DHE-DSS-AES128-SHA -state > > CONNECTED(00000004) > SSL_connect:before/connect initialization > SSL_connect:SSLv2/v3 write client hello A > SSL3 alert read:fatal:handshake failure > SSL_connect:error in SSLv2/v3 read server hello A > 23059:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake failure:s23_clnt.c:562: > > ./openssl s_client -connect 192.168.32.164:32001 -no_ssl2 -cipher > EDH-DSS-DES-CBC3-SHA -state > > CONNECTED(00000004) > SSL_connect:before/connect initialization > SSL_connect:SSLv2/v3 write client hello A > SSL3 alert read:fatal:handshake failure > SSL_connect:error in SSLv2/v3 read server hello A > 23084:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert > handshake failure:s23_clnt.c:562: > > Can somebody help me on this or is there something that should be > happening behind the scenes that I'm missing. > From the above, the ciphers that are failing are ones that use DSA keys. Does your server understand and have DSA keys configured?
If not, that would probably be why it is failing. Cheers. -- Patrick Patterson President and Chief PKI Architect, Carillon Information Security Inc. http://www.carillon.ca ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
