I've figured this out. Just needed to disable cert verification in addition to using aNULL cipher.
SSL_CTX_set_verify( mpSslContext, SSL_VERIFY_NONE, NULL ); Sorry for the spam. On Wed, May 26, 2010 at 7:20 PM, Dallas Clement <dallas.a.clem...@gmail.com> wrote: > One small piece of additional info: I'm trying to avoid the use of > any certificates. Is that even possible with OpenSSL? > > On Wed, May 26, 2010 at 6:34 AM, Dallas Clement > <dallas.a.clem...@gmail.com> wrote: >> Hi Patrick, >> >> I had first tried doing it at run-time, and it didn't seem to work. >> >> SSL_set_cipher_list( mpSsl, "aNULL" ); >> >> I then modified ssl.h as follows: >> >> #define SSL_DEFAULT_CIPHER_LIST "aNULL:eNULL" /* low priority for RC4 >> */ >> >> In both cases, I'm getting this error on the server end: >> >> SSL error code = 1, msg = SSL_ERROR_SSL, error:1408A0C1:SSL >> routines:SSL3_GET_CLIENT_HELLO:no shared cipher >> >> And this error on the client end: >> >> SSL error code = 1, msg = SSL_ERROR_SSL, error:14077410:SSL >> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure >> >> Can you see anything I might be doing wrong? >> >> Thanks, >> Dallas >> >> On Wed, May 26, 2010 at 2:45 AM, Eisenacher, Patrick >> <patrick.eisenac...@bdr.de> wrote: >>> Hi Dallas, >>> >>>> -----Original Message----- >>>> From: Dallas Clement >>>> >>>> Just wondering what the best way to turn off authentication is. I'm >>>> wanting to do so for testing purposes. Would someone please advise? >>> >>> just configure "aNULL" (see ssl.h) for your ciphersuites on both endpoints. >>> That way only ciphersuites without authentication get activated. >>> >>> HTH, >>> Patrick >>> ______________________________________________________________________ >>> OpenSSL Project http://www.openssl.org >>> User Support Mailing List openssl-us...@openssl.org >>> Automated List Manager majord...@openssl.org >>> >> > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org