I've tried both:
SSL_CTX_set_cipher_list("AECDH")
and:
SSL_CTX_set_cipher_list("AECDH-AES256-SHA")
on both the client and server side, both of which result in the dreaded
"no shared cipher" error:
error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared
cipher:s3_srvr.c:1417:
The following works but is not what I want:
SSL_CTX_set_cipher_list("ADH")
Any suggestions on how to proceed?
Norm Green
On 5/24/16 10:45, Salz, Rich wrote:
>./openssl ciphers -v 'ALL:aNULL' |grep ECDH |grep "Au=None"
AECDH-AES256-SHA SSLv3 Kx=ECDH Au=None Enc=AES(256) Mac=SHA1
AECDH-AES128-SHA SSLv3 Kx=ECDH Au=None Enc=AES(128) Mac=SHA1
AECDH-RC4-SHA SSLv3 Kx=ECDH Au=None Enc=RC4(128) Mac=SHA1
AECDH-DES-CBC3-SHA SSLv3 Kx=ECDH Au=None Enc=3DES(168)
Mac=SHA1
AECDH-NULL-SHA SSLv3 Kx=ECDH Au=None Enc=None Mac=SHA1
1) What arg to SSL_CTX_set_cipher_list() to I need to use to get these?
I previously tried "kEECDH:kEDH" and that didn't work.
Use one of the names in the first column.
2) These ciphers all report as SSLv3.
That is the protocol version where they were first defined.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
