TLS Handshake is Failing. cipher=DHE-RSA-AES128-SHA

Fri, 11 May 2012 00:50:56 -0700 

Hi All,
Please help me out in debugging this cipher negotiation issue.

My client supports OpensslV1.0 and my server supports Openssl0.9.7. I used
self-signed RSA type certificate on both server & client. But my Handshake
is failing.

My client sends these ciphers in client hello message.
Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)

OpenSSL 0.9.7a Feb 19 2003
OpenSSL>
OpenSSL> ciphers
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC2-CBC-MD5:DHE-DSS-RC4-SHA:EXP-KRB5-RC4-MD5:EXP-KRB5-RC4-SHA:KRB5-RC4-MD5:KRB5-RC4-SHA:RC4-SHA:RC4-MD5:RC4-MD5:KRB5-DES-CBC3-MD5:KRB5-DES-CBC3-SHA:RC4-64-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EXP1024-RC2-CBC-MD5:KRB5-DES-CBC-MD5:KRB5-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:EXP1024-DHE-DSS-RC4-SHA:EXP1024-RC4-SHA:EXP1024-RC4-MD5:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC4-MD5

A Snippet from SSLdump:
3 1  0.0100 (0.0100)  C>SV3.1(101)  Handshake
      ClientHello
        Version 3.1
        random[32]=
          4f ac c2 65 e1 fc 67 9b c3 06 9b 2a 74 34 4d a8
          5b a0 2b 85 8a bd d8 06 99 c8 48 31 37 46 9b d4
        resume [32]=
          96 a6 be fa ec ac 21 f4 c9 ec 9b 5c c5 e9 5c bf
          38 71 1c ef 87 ce f3 b6 b0 6d 11 f2 72 71 11 d7
        cipher suites
        TLS_RSA_WITH_RC4_128_MD5
        TLS_RSA_WITH_RC4_128_SHA
        Unknown value 0x2f
        Unknown value 0x35
        Unknown value 0x34
        Unknown value 0x3a
        Unknown value 0x33
        Unknown value 0x39
        TLS_RSA_WITH_3DES_EDE_CBC_SHA
        Unknown value 0xff
        compression methods
                  NULL
3 2  0.0106 (0.0006)  S>CV3.1(2)  Alert
    level           fatal
    value           handshake_failure
3    0.0107 (0.0001)  S>C  TCP FIN



The question are:
1) Why TLS handshake is failing on both client & server support the
cipher=DHE-RSA-AES128-SHA
2) Why i am seeing unknown as my ciphers in client hello message ( on ssl
dump) ?
3) Is it has anything to do with RSA self-signed-certificate ?

Please clarify.
Thanks in advance.
Best regards,
S S Rout
-- 
View this message in context: 
http://old.nabble.com/TLS-Handshake-is-Failing.-cipher%3DDHE-RSA-AES128-SHA-tp33770194p33770194.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to