> Since anonymous (unauthenticated) ciphersuites are vulnerable to a man
> in the middle attack they are disabled with the default cipher string.
> You need to set a cipher string which has something like "ALL:@STRENGTH"
> in it using SSL_CTX_set_cipher_list() on both client and server.
Thanx. Th
Hi, i'm trying to set up an encrypted channel between client / server
but without authentication or certificates. From searching through the
mailing list archives, i've seen other people have done it successfully
before.
I tried working from the relatively simple demo/ssl/serv.cpp and
demo/ssl/c
