On Tue, May 10, 2011, Mike Markley wrote: > I'm working on an OpenSSL based server that is running into a problem > with the above error when the remote client tries to connect. I've > built a debug version of OpenSSL for iPhone and I'm dumping all the > ciphers in ssl3_choose_cipher. What I don't understand is, at least at > the name level all the ciphers that the remote client specifies are > available in the list of ciphers that OpenSSL has but none of the > masks match up. Am I missing a setup step? I'm using the sample code > in the book Network security with OpenSSL as a starting point. I don't > have source to the remote client so I don't have any way of debugging > from that side of the equation. >
Note that the ciphersuite availability depends on the key(s) and certificate(s) configured in the server. If you have none then only unauthenticated ciphersuites are used which are disabled by default cipher strings. If you have RSA, RSA ciphersuites are included, DSA includes the DSA (DSS) ones etc. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
