So the problem could be that my cert chain is not correct and I'm chasing down the wrong path by looking at the ciphers?
On Tue, May 10, 2011 at 3:08 PM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Tue, May 10, 2011, Mike Markley wrote: > >> I'm working on an OpenSSL based server that is running into a problem >> with the above error when the remote client tries to connect. I've >> built a debug version of OpenSSL for iPhone and I'm dumping all the >> ciphers in ssl3_choose_cipher. What I don't understand is, at least at >> the name level all the ciphers that the remote client specifies are >> available in the list of ciphers that OpenSSL has but none of the >> masks match up. Am I missing a setup step? I'm using the sample code >> in the book Network security with OpenSSL as a starting point. I don't >> have source to the remote client so I don't have any way of debugging >> from that side of the equation. >> > > Note that the ciphersuite availability depends on the key(s) and > certificate(s) configured in the server. If you have none then only > unauthenticated ciphersuites are used which are disabled by default cipher > strings. If you have RSA, RSA ciphersuites are included, DSA includes the DSA > (DSS) ones etc. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
