Hi, unfortunately this didn't help.
Besides, I am using SSL_library_init. The manual says OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are synonyms for SSL_library_init(). Best regards chris r. =) On 06.04.2012 19:20, marek.marc...@malkom.pl wrote: > Hello, > > Maybe there is library initialization problem, try to add: > > SSL_load_error_strings(); > SSLeay_add_ssl_algorithms(); > > Best regards, > -- > Marek Marcola <marek.marc...@malkom.pl> > > > owner-openssl-us...@openssl.org wrote on 04/06/2012 07:06:22 PM: > >> crk <c...@crook.de> >> Sent by: owner-openssl-us...@openssl.org >> >> 04/06/2012 07:07 PM >> >> Please respond to >> openssl-users@openssl.org >> >> To >> >> openssl-users@openssl.org >> >> cc >> >> Subject >> >> Re: "no shared cipher" >> >> Hi Marek Marcola, thanks a lot for your help. I tried the commands with >> exactly the same certificates and private keys and the connection works. >> This makes me half happy :) >> >> So, maybe I doing something wrong on handshaking? >> >> Best regards >> chris r. >> >> >> On 06.04.2012 18:46, marek.marc...@malkom.pl wrote: >>> Hello, >>> >>> Test connection works: >>> >>> SERVER: >>> # openssl s_server -key vpn-server-key.pem -cert vpn-server-crt.pem >>> -cipher RC4-SHA -tls1 >>> Using default temp DH parameters >>> Using default temp ECDH parameters >>> ACCEPT >>> -----BEGIN SSL SESSION PARAMETERS----- >>> MFoCAQECAgMBBAIABQQABDCLRcpyQeyzVWraS2xLoieVLwRjHGz74LUjhba+gnYZ >>> JrObUopzWYJc2tuSFoZlRsyhBgIET38dO6IEAgIcIKQGBAQBAAAAqwMEAQE= >>> -----END SSL SESSION PARAMETERS----- >>> Shared ciphers:RC4-SHA >>> CIPHER is RC4-SHA >>> Secure Renegotiation IS supported >>> .... >>> >>> CLIENT: >>> # openssl s_client -cipher RC4-SHA -tls1 >>> .... >>> New, TLSv1/SSLv3, Cipher is RC4-SHA >>> Server public key is 2048 bit >>> Secure Renegotiation IS supported >>> Compression: zlib compression >>> Expansion: zlib compression >>> SSL-Session: >>> Protocol : TLSv1 >>> Cipher : RC4-SHA >>> .... >>> >>> Best regards, >>> -- >>> Marek Marcola <marek.marc...@malkom.pl> >>> >>> >>> owner-openssl-us...@openssl.org wrote on 04/06/2012 06:17:38 PM: >>> >>>> crk <c...@crook.de> >>>> Sent by: owner-openssl-us...@openssl.org >>>> >>>> 04/06/2012 06:26 PM >>>> >>>> Please respond to >>>> openssl-users@openssl.org >>>> >>>> To >>>> >>>> openssl-users@openssl.org >>>> >>>> cc >>>> >>>> Subject >>>> >>>> "no shared cipher" >>>> >>>> Hi, >>>> >>>> I am trying to establish an tls1 connection between a server and a >>>> client, running in two threads. >>>> >>>> When doing the handshake the server gets the hello message and throws > an >>>> error: >>>> error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher >>>> >>>> I am using on both sides SSL_CTX_set_cipher_list(ctx, "RC4-SHA"). >>>> >>>> To figure out the cipher string I used the following command: >>>> openssl ciphers -tls1 >>> "aRSA:AES:-kEDH:-ECDH:-SRP:-PSK:-NULL:-EXP:-MD5:-DES" >>>> which gave me: >>>> >>> > ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-RSA-RC4-SHA:ECDH- >>>> >>> > RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-RC4-SHA:AES256- >>>> SHA:AES128-SHA:DES-CBC3-SHA:RC4-SHA >>>> >>>> Also the certs and private keys for server and client are set up. No >>>> error here, I believe. >>>> >>>> What am I doing wrong? (see more here: > http://paste.debian.net/162331/) >>>> >>>> Thanks so far, >>>> aureliano =) >>>> > ______________________________________________________________________ >>>> OpenSSL Project > http://www.openssl.org >>>> User Support Mailing List openssl-users@openssl.org >>>> Automated List Manager majord...@openssl.org >>> >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-users@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> >> -- >> crk >> >> For free communication with me use GPG. Questions? Ask me ;) >> WIKI: http://en.wikipedia.org/wiki/E-mail_privacy >> GPG: www.crook.de/crk/crk_pub_0xB268A580.asc >> >> [attachment "signature.asc" deleted by Marek Marcola/malkom] > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > -- crk For free communication with me use GPG. Questions? Ask me ;) WIKI: http://en.wikipedia.org/wiki/E-mail_privacy GPG: www.crook.de/crk/crk_pub_0xB268A580.asc ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
