On Wed, May 08, 2019 at 05:23:38PM -0500, Benjamin Kaduk via openssl-users
wrote:
> > > In Postfix, it is configured with the same settings as the initial
> > > SSL_CTX, *but* no server certificates. During the SNI callback I
> > > interpose the certificate-less context, and then
On Wed, May 08, 2019 at 04:40:07PM -0400, Michael Richardson wrote:
>
> Viktor Dukhovni wrote:
> >> Diversionary issue:
> >>
> https://www.openssl.org/docs/manmaster/man3/SSL_set_tlsext_host_name.html
> >> and:
> >>
>
On Wed, May 08, 2019 at 04:40:07PM -0400, Michael Richardson wrote:
> > You can interpose a secondary "virtual-host-specific" SSL_CTX for for
> > the rest of the handshake. This carries the server certificate, but
> > also the trust store settings for validating client certificates,
Viktor Dukhovni wrote:
>> Diversionary issue:
>> https://www.openssl.org/docs/manmaster/man3/SSL_set_tlsext_host_name.html
>> and:
>>
https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_hello_cb.html
>>
>> are pretty vague. I think that
> On May 8, 2019, at 4:23 PM, Michael Richardson wrote:
>
> My questions about the documentation of the callbacks remain.
> Having solved the problem, I'm pretty certain the the "no shared cipher"
> error message is way too overloaded.
It sounds like you failed to
My questions about the documentation of the callbacks remain.
Having solved the problem, I'm pretty certain the the "no shared cipher"
error message is way too overloaded.
Some piece of code is clearly doing something useful, which is to check if
the public/private key match. Unf
On Wed, May 08, 2019 at 02:15:43PM -0400, Michael Richardson wrote:
> Diversionary issue:
> https://www.openssl.org/docs/manmaster/man3/SSL_set_tlsext_host_name.html
> and:
> https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_client_hello_cb.html
>
> are pretty vague. I think that
o not
work. In particular, I would get a message about no shared cipher on the
server emitted when something linked in openssl 1.0.x rather than 1.1.x,
and I had configured an ECDSA keypair. I'm not sure if it was precisely:
140639813764864:error:1417A0C1:SSL routines:tls_post_process_clien
)
Cipher Suite: TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x0006)
Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
Cipher Suite: TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA (0x0063)
but I get a no shared cipher error and handshake fails.
My
error:1408A0C1:SSL
routines:ssl3_get_client_hello:no shared cipher
(1) eap_tls: ERROR: System call (I/O) error (-1)
(1) eap_tls: ERROR: TLS receive handshake failed during operation
(1) eap_tls: ERROR: [eaptls process] = fail
(1) eap: ERROR: Failed continuing EAP TLS (13) session. EAP sub-module
failed
(1) eap: Sending E
Have googled a lot, not found any answer to the following problem: Created
server code and client code, but get
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
at the server when doing SSL_connect.
The code below is narrowed down to the sequence of the SSL / socket related
My bad - needed to initialize SSL_CTX_set_tmp_dh() BEFORE calling SSL_new().
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jim Carroll
Sent: Saturday, August 06, 2016 6:59 AM
To: openssl-users@openssl.org
Subject: [openssl-users] 'no shared cipher', TLS_method
Using OpenSSL 1.1.0-pre7-dev, our SSL server app is reporting:
10308:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
cipher:ssl\statem\statem_srvr.c:1420:
Client & server both set to use TLS_method() with default ciphers. With
-DCIPHER_DEBUG enabled in our OpenSSL
From: openssl-users On Behalf Of Rajeswari K
Sent: Monday, February 02, 2015 22:17
Thanks for responding. Following is the output printed by openssl
./openssl req -in csr.csr -noout -text
snip
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
From: openssl-users On Behalf Of Rajeswari K
Sent: Sunday, February 01, 2015 21:18
Am facing an issue of no shared cipher error during SSL Handshake,
when tried to negotiate ECDHE cipher suite.
snip
*Feb 2 01:00:47.894: SSL_accept:error in SSLv3 read client hello C
*Feb 2 01:00:47.894
issue with these parameters?
Thanks,
Rajeswari.
On Tue, Feb 3, 2015 at 8:28 AM, Dave Thompson dthomp...@prinpay.com wrote:
From: openssl-users On Behalf Of Rajeswari K
Sent: Sunday, February 01, 2015 21:18
Am facing an issue of no shared cipher error during SSL Handshake,
when tried
Hello Openssl users,
Am facing an issue of no shared cipher error during SSL Handshake, when
tried to negotiate ECDHE cipher suite.
We are using openssl-1.0.1j version. Can you please share your thoughts?
Following are the logs during SSL Handshake.
Server has 2 from 0xE29690E0:
0x10B42900
Hello,
Thank to both of you.
Best regards,
--
Francis
Le 17/09/2014 20:38, Dave Thompson a écrit :
From: owner-openssl-us...@openssl.org On Behalf Of Francis GASCHET
Sent: Wednesday, September 17, 2014 13:35
We use openSSL in OFTP2 implementation. The OFTP2 working group
decided
to strongly
with the No shared cipher error.
On this site, the command openssl ciphers says that DHE-RSA-AES128-SHA
and EDH-RSA-DES-CBC3-SHA are supported(among others).
So 2 ciphersuites are shared...
BTW: In this version of the software, the default list is in use
(SSL_CTX_set_cipher_list is not called
rejects the connection with the No shared cipher error.
As expected.
On this site, the command openssl ciphers says that DHE-RSA-AES128-SHA and
EDH-RSA-DES-CBC3-SHA are supported(among others).
These require configuration of server-side temp DH parameters.
It is the same when I reverse
From: owner-openssl-us...@openssl.org On Behalf Of Francis GASCHET
Sent: Wednesday, September 17, 2014 13:35
We use openSSL in OFTP2 implementation. The OFTP2 working group
decided
to strongly recommend to use preferably the cipher suites including PFS
(ephemeral Diffie Hellman).
snip
To
. Consequently, the server will not get
any shared cipher information.
Hope this helps other people :)
Best regards
chris r.
On 06.04.2012 22:06, Jeffrey Walton wrote:
On Fri, Apr 6, 2012 at 1:42 PM, crk c...@crook.de wrote:
Hi,
unfortunately this didn't help.
Besides, I am using SSL_library_init
Hi,
I am trying to establish an tls1 connection between a server and a
client, running in two threads.
When doing the handshake the server gets the hello message and throws an
error:
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
I am using on both sides
...@crook.de
Sent by: owner-openssl-us...@openssl.org
04/06/2012 06:26 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
no shared cipher
Hi,
I am trying to establish an tls1 connection between a server and a
client, running in two
wrote on 04/06/2012 06:17:38 PM:
crk c...@crook.de
Sent by: owner-openssl-us...@openssl.org
04/06/2012 06:26 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
no shared cipher
Hi,
I am trying to establish an tls1 connection between a server
...@openssl.org
04/06/2012 07:07 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Re: no shared cipher
Hi Marek Marcola, thanks a lot for your help. I tried the commands with
exactly the same certificates and private keys and the connection
/06/2012 07:07 PM
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Re: no shared cipher
Hi Marek Marcola, thanks a lot for your help. I tried the commands with
exactly the same certificates and private keys and the connection works.
This makes me
On Fri, Apr 6, 2012 at 1:42 PM, crk c...@crook.de wrote:
Hi,
unfortunately this didn't help.
Besides, I am using SSL_library_init. The manual says
OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are
synonyms for SSL_library_init().
The client and server each call a different
May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
However I keep getting a no shared cipher error.
In my client server openssl.cnf files I've specified
cipher AES-128-CBC
This is not an EC cipher, and if you configure
On Mon, May 16, 2011 at 11:56:41AM +0100, Mike Bell wrote:
Thanks Viktor,
I hadn't properly understood the relationship between the certificate
and the cipher, so I'll look at that now. I think I'm also confusing
the OpenVPN? OpenSSL relationship.
OpenVPN does appear to be using TLS
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138 EF
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
However I keep getting a no shared cipher error.
In my client server openssl.cnf files I've specified
cipher AES-128-CBC
This is not an EC cipher, and if you configure an EC cert, but specify
a cipher that is one of the ones
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138
on AES and either EC
DSA, DSA or RSA as the signature algorithm, but with a preference for ECDSA.
Thanks
From: Victor Duchovni victor.ducho...@morganstanley.com
To: openssl-users@openssl.org openssl-users@openssl.org
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using
On Fri, May 13, 2011 at 06:36:34PM +0100, Mike Bell wrote:
I had originally put
cipher AES-128-CBC
in SERVER.OVPN CLIENT.OVPN, not OPENSSL.CNF files (it's been a long week!)
I am not familiar with your VPN product, so you'll have to figure out
what configuration options are applicable. If
Hi,
I've generated certificates based on the secp256r1 curve and a connection to
the server can be established not only with FireFox, but also Internet
Explorer and Chrome. It must be that secp160r2 is not supported by the
browsers. Do you think it would be possible to add a more descriptive
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher
suite. I've configured Open SSL (version 1.0.0.a) as a test server with
what I think is a suitable ECC key/certificate (attached) The keys were
created with the attached script.
The server was started like this:
openssl
Hi Alex,
just check the list of ciphersuites that FF sends in its client hello message
and you'll see which ciphersuites FF supports.
HTH,
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher suite.
I've
Hi Patrick,
Thanks for your response. FF 3.6.2 is
sending TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA in it's client hello message.
The command line OpenSSL client can be made to connect using this cipher
suite. Any ideas?
Thanks,
Alex
On 8 July 2010 13:41, Eisenacher, Patrick
Hi Alex,
if you configure s_client with the same list of ciphersuites that firefox
sends, then s_server will show the same reaction. That means your ff and your
s_client send different lists of ciphersuites.
You seem to invoke s_client with the standard list of ciphersuites...whatever
that
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher ECDHE-ECDSA-AES256-SHA
works fine it sends the following cipher suite in the client hello message:
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Just double checked with wireshark and FF also sends
Cipher Suite:
Hi Alex,
are you sure, ff ist talking to the same server on port 4433?
Do you get a successful handshake when using a different ciphersuite on the
server?
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher
Hi,
on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2 does
support only curves with 256, 384, and 521. Maybe this is the same for FF 3 and
your 160 bit curve is not supported.
Bye
Dirk
Alex Birkett wrote:
Hi,
Firefox 3.6.2 supports the
On Thu July 8 2010, Dirk Menstermann wrote:
Hi,
on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2
does
support only curves with 256, 384, and 521. Maybe this is the same for FF 3
and
your 160 bit curve is not supported.
Try: about:config in your browser, page
Am 01.04.10 23:09, schrieb Victor Duchovni:
On Thu, Apr 01, 2010 at 10:48:56PM +0200, G??tz Reinicke - IT Koordinator
wrote:
Hi,
how do I check this?
On both servers I do have installed the same client and server software
and performing a secured connection from both systems to the
: SSL_accept:error in SSLv3 read client hello B
TLS trace: SSL_accept:error in SSLv3 read client hello B
TLS: can't accept.
TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
s3_srvr.c:975
connection_read(13): TLS accept failure error=-1 id=0, closing
from the ldap client debug
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
s3_srvr.c:975
connection_read(13): TLS accept failure error=-1 id=0, closing
from the ldap client debug:
TLS trace: SSL3 alert read:fatal:handshake failure
TLS trace: SSL_connect:error in SSLv2/v3 read server hello A
TLS: can't
On Thu, Apr 01, 2010 at 10:48:56PM +0200, G??tz Reinicke - IT Koordinator wrote:
Hi,
how do I check this?
On both servers I do have installed the same client and server software
and performing a secured connection from both systems to the master
server works; from both systems to the
Thanks everyone for the help, I think I am getting closer. All of the SSL
has been removed from the listener (makes much more sense to me now), and
the Init routine has had CRYPTO_malloc_init() and
ENGINE_load_builtin_engines() added (it already had the other basic
routines).
When I use my client
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as part of SSL initialization
From: owner-openssl-us...@openssl.org On Behalf Of Dan Arcari
Sent: Wednesday, 21 January, 2009 16:18
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt
SSL_accept? I'll try to explain what's being done as succinctly as
possible:
1. There are two
On Thu, Jan 22, 2009 at 08:51:20PM -0500, Dave Thompson wrote:
Except as noted above, this sounds reasonable. I assume you realize
that ALL includes, and could possibly negotiate, some weak ciphers;
but since you're explicitly adding eNULL you apparently don't care.
It certainly should be
, 2009 at 8:10 PM, Dan Arcari danarc...@gmail.com wrote:
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each
Aw, shoot. I see this is a re-issue of your question and others have
provided better answers already a few hours ago.
Keeping your browser open all night doesn't make gmail show a fresh
bunch when you wake up. Time for first coffee, pronto...
Anyway, check that add_all_algo thing anyway. Given
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as part of SSL initialization
request from the client and connection is accepted
using the funtion BIO_do_accept, the handshake process fails. I am using the
function BIO_do_handshake() for this.
The reason for failure I get is No shared cipher.
I found a function which allows us to set the list of ciper suites that we
connection request from the client and connection is
accepted
using the funtion BIO_do_accept, the handshake process fails. I am using
the
function BIO_do_handshake() for this.
The reason for failure I get is No shared cipher.
I found a function which allows us to set the list of ciper suites that
we
error: SSL accept error(SSL): error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
Works great without FIPS but get no shared cipher error when FIPS enabled
libraries are linked in. Suspect the problem is with the X509 certificate
that I'm using. Certificates details are included
/secp160r1.crt
SSLCertificateKeyFile
d:/www/Apache2/conf/secp160r1.key
Attempted to check ec cert using command:
openssl s_server -cert secp160r1.crt -key
secp160r1.key
and received error SSL routines:
SSL3_GET_CLIENT_HELLO:no shared cipher
Run command openssl x509 -in secp160r1.crt -text
Hello,
I used SSL_CTX_set_cipher_list() to try all kinds of ADH plus aNULL, eNULL,
NULL and ALL.
The connection still could not be setup without server certificate.
On server side:
- generate DH parameters file:
# openssl dhparam 512 -out dhparm.pem
- add code
Marcola
Sent: Tuesday, April 18, 2006 5:05 PM
To: openssl-users@openssl.org
Subject: RE: strange problem of no shared cipher for no
certificateTLSconnection
Hello,
I used SSL_CTX_set_cipher_list() to try all kinds of ADH
plus aNULL, eNULL, NULL and ALL.
The connection still could
Hello,
I have tried. It did not work. Since my work is based on ACE_SSL, I tried
with ACE_SSL example program.
Still could not setup TLS connection. Seems like an ACE_SSL bug.
Try ssldump or simply tcpdump to get handshake client_hello packet
to check if client tries to send ADH ciphers.
?
Thanks,
Roger
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dr.
Stephen Henson
Sent: Friday, April 14, 2006 11:59 PM
To: openssl-users@openssl.org
Subject: Re: strange problem of no shared cipher for no
certificate TLS connection
On Fri, Apr
could succeed without
certificate? Confused and frustrated. :(
Roger
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Marek Marcola
Sent: Saturday, April 15, 2006 12:06 AM
To: openssl-users@openssl.org
Subject: Re: strange problem of no shared cipher
On Mon, Apr 17, 2006 at 10:20:14AM +0800, Zhang, Long (Roger) wrote:
Hi, Steve,
Thanks for your reply. I found no use to add dhparam file to my server
and client. The connection still could not be setup. I found if I set
server certificate and private key, the connection could be setup.
certificate.
Roger
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Victor Duchovni
Sent: Monday, April 17, 2006 11:09 AM
To: openssl-users@openssl.org
Subject: Re: strange problem of no shared cipher for no certificate
TLS connection
On Mon, Apr 17, 2006
On Mon, Apr 17, 2006 at 11:12:41AM +0800, Zhang, Long (Roger) wrote:
Hi,
I have tried to set ciphersuite to ADH. And I checked my application with
s_server.c and s_client.c. When -nocert is set for openssl server, the
certificate is not loaded. My application also does not load any
could succeeded to setup a TLS connection, but my application always
failed with SSL3_GET_CLIENT_HELLO:no shared cipher error.
successful openssl command
On server side
openssl s_server -accept 25062 -nocert -cipher aNULL -rand
/home/zhangl/openssl/test/ca.bak/newcerts/01.pem
On client
and rand file with openssl command, while openssl
command could succeeded to setup a TLS connection, but my application always
failed with SSL3_GET_CLIENT_HELLO:no shared cipher error.
The FAQ question about no shared ciphers is relevant here. Although this
refers to DSA certificates
with SSL3_GET_CLIENT_HELLO:no shared
cipher error.
successful openssl command
On server side
openssl s_server -accept 25062 -nocert -cipher aNULL -rand
/home/zhangl/openssl/test/ca.bak/newcerts/01.pem
On client side
openssl s_client -connect gdcqd1:25062 -cipher aNULL -rand
/home/zhangl
Title: Query abt s-cert-pkeys : encountering No shared cipher error
Hi all,
I'm having a problem where ssl_handshake returns with the alert No shared cipher. After debugging a little more I have following questions:
1. What is s-certs and s-certs-pkeys? What is their role and who/what sets
On Tue, Sep 20, 2005, Vinay Jha wrote:
Hi all,
I'm having a problem where ssl_handshake returns with the alert No
shared cipher. After debugging a little more I have following
questions:
Well before delving into the internals you should consider a few issues...
Can you connect to the server
@openssl.org
Subject: Re: Query abt s-cert-pkeys : encountering No shared cipher
error
On Tue, Sep 20, 2005, Vinay Jha wrote:
Hi all,
I'm having a problem where ssl_handshake returns with the alert No
shared cipher. After debugging a little more I have following
questions:
Well before
) ERR_error_string_n - this function reveals my dreaded error:
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
This error means that the server doesn't accept any of the cipher suites
proposed by the client. Look for the cipher suites the client uses and
the server accepts, e.g. look
Hi,, all.
Please help me solve next problem.
Server with OpenSSL 0.9.7d can't accept pear connection. With very old
version of OpenSSL (I think 0.9.6) work properly.
I am recompile OpenSSL with CIPHER_DEBUG flag.
So, fly on handshake server know only DES_CBC3_SHA suite, while OpenSSL
know
Anyone know why I would get a No shared cipher error from the SSL
handshake?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List
the SSL_CTX_set_tmp_dh() for example:
check the source to s_server in apps/s_server.c for an example.
Bob Ingraham wrote:
Anyone know why I would get a No shared cipher error from the SSL
handshake?
__
OpenSSL Project
on a common
cipher: both sides show (the same) large list of available ciphers (using
SSL_get_ciphers()), but the SSL_connect() always results in the same error
(no shared cipher) on the server and a handshake failed error on the
client.
I've also tested using the OpenSSL s_client, and I get
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Friday 20 Jun 2003 07:29 am, Lutz Jaenicke wrote:
Are there any preconditions for using these ciphers, apart from setting a
private RSA key?
A corresponding public key (certificate) might be helpful.
Aha, thank you.
I definitely do need to
(using
SSL_get_ciphers()), but the SSL_connect() always results in the same error
(no shared cipher) on the server and a handshake failed error on the
client.
I've also tested using the OpenSSL s_client, and I get the same error when
used with my server.
I'm not really sure which cipher to use (I
with a 'No shared cipher' during the HELLO phase.. I do
have SSL_CTX_set_cipher_list ( ctx, "ALL") so I dont understand how I could get
a no shared cipher problem Has anyone else run into this
problem?
-Andrew T. FinnellSoftware
EngineereSecurity In
C. Gould wrote:
On Wed, Jul 25, 2001 at 11:22:09AM +1000, DT wrote:
I have a simple server which I can connect to using the openssl
client, and using Netscape no problems.
MS Internet Explorer refuses to connect and I get the dreaded
no shared cipher message on my server
On Wed, Jul 25, 2001 at 11:22:09AM +1000, DT wrote:
I have a simple server which I can connect to using the openssl
client, and using Netscape no problems.
MS Internet Explorer refuses to connect and I get the dreaded
no shared cipher message on my server.
Pointing IE to openssl s_server
Lutz Jaenicke wrote:
On Wed, Jul 25, 2001 at 11:22:09AM +1000, DT wrote:
I have a simple server which I can connect to using the openssl
client, and using Netscape no problems.
MS Internet Explorer refuses to connect and I get the dreaded
no shared cipher message on my server
to use these certificates, the handshake process fails
saying `no shared cipher`.
Thanks in advance.
Damitha.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
operations
[Mon Jun 28 10:25:15 1999] [error] mod_ssl: SSL handshake failed (client
198.96.117.181, server jah.tao.ca:443) (OpenSSL library error follows)
[Mon Jun 28 10:25:15 1999] [error] OpenSSL: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
configured -- resuming normal operations
[Mon Jun 28 10:25:15 1999] [error] mod_ssl: SSL handshake failed (client
198.96.117.181, server jah.tao.ca:443) (OpenSSL library error follows)
[Mon Jun 28 10:25:15 1999] [error] OpenSSL: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
] [error] mod_ssl: SSL handshake failed (client
198.96.117.181, server jah.tao.ca:443) (OpenSSL library error follows)
[Mon Jun 28 10:25:15 1999] [error] OpenSSL: error:1408A0C1:SSL
routines:SSL3_GET_CLIENT_HELLO:no shared cipher
88 matches
Mail list logo