Hello, Maybe there is library initialization problem, try to add:
SSL_load_error_strings(); SSLeay_add_ssl_algorithms(); Best regards, -- Marek Marcola <marek.marc...@malkom.pl> owner-openssl-us...@openssl.org wrote on 04/06/2012 07:06:22 PM: > crk <c...@crook.de> > Sent by: owner-openssl-us...@openssl.org > > 04/06/2012 07:07 PM > > Please respond to > openssl-users@openssl.org > > To > > openssl-users@openssl.org > > cc > > Subject > > Re: "no shared cipher" > > Hi Marek Marcola, thanks a lot for your help. I tried the commands with > exactly the same certificates and private keys and the connection works. > This makes me half happy :) > > So, maybe I doing something wrong on handshaking? > > Best regards > chris r. > > > On 06.04.2012 18:46, marek.marc...@malkom.pl wrote: > > Hello, > > > > Test connection works: > > > > SERVER: > > # openssl s_server -key vpn-server-key.pem -cert vpn-server-crt.pem > > -cipher RC4-SHA -tls1 > > Using default temp DH parameters > > Using default temp ECDH parameters > > ACCEPT > > -----BEGIN SSL SESSION PARAMETERS----- > > MFoCAQECAgMBBAIABQQABDCLRcpyQeyzVWraS2xLoieVLwRjHGz74LUjhba+gnYZ > > JrObUopzWYJc2tuSFoZlRsyhBgIET38dO6IEAgIcIKQGBAQBAAAAqwMEAQE= > > -----END SSL SESSION PARAMETERS----- > > Shared ciphers:RC4-SHA > > CIPHER is RC4-SHA > > Secure Renegotiation IS supported > > .... > > > > CLIENT: > > # openssl s_client -cipher RC4-SHA -tls1 > > .... > > New, TLSv1/SSLv3, Cipher is RC4-SHA > > Server public key is 2048 bit > > Secure Renegotiation IS supported > > Compression: zlib compression > > Expansion: zlib compression > > SSL-Session: > > Protocol : TLSv1 > > Cipher : RC4-SHA > > .... > > > > Best regards, > > -- > > Marek Marcola <marek.marc...@malkom.pl> > > > > > > owner-openssl-us...@openssl.org wrote on 04/06/2012 06:17:38 PM: > > > >> crk <c...@crook.de> > >> Sent by: owner-openssl-us...@openssl.org > >> > >> 04/06/2012 06:26 PM > >> > >> Please respond to > >> openssl-users@openssl.org > >> > >> To > >> > >> openssl-users@openssl.org > >> > >> cc > >> > >> Subject > >> > >> "no shared cipher" > >> > >> Hi, > >> > >> I am trying to establish an tls1 connection between a server and a > >> client, running in two threads. > >> > >> When doing the handshake the server gets the hello message and throws an > >> error: > >> error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher > >> > >> I am using on both sides SSL_CTX_set_cipher_list(ctx, "RC4-SHA"). > >> > >> To figure out the cipher string I used the following command: > >> openssl ciphers -tls1 > > "aRSA:AES:-kEDH:-ECDH:-SRP:-PSK:-NULL:-EXP:-MD5:-DES" > >> which gave me: > >> > > ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-RC4-SHA:ECDH- > >> > > RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-RC4-SHA:AES256- > >> SHA:AES128-SHA:DES-CBC3-SHA:RC4-SHA > >> > >> Also the certs and private keys for server and client are set up. No > >> error here, I believe. > >> > >> What am I doing wrong? (see more here: http://paste.debian.net/162331/) > >> > >> Thanks so far, > >> aureliano =) > >> ______________________________________________________________________ > >> OpenSSL Project http://www.openssl.org > >> User Support Mailing List openssl-users@openssl.org > >> Automated List Manager majord...@openssl.org > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager majord...@openssl.org > > > > -- > crk > > For free communication with me use GPG. Questions? Ask me ;) > WIKI: http://en.wikipedia.org/wiki/E-mail_privacy > GPG: www.crook.de/crk/crk_pub_0xB268A580.asc > > [attachment "signature.asc" deleted by Marek Marcola/malkom] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
