Re: OpenSSL 1.0.1 example with SRP

Tue, 25 Oct 2011 06:59:16 -0700 

Hi Peter,

Same error on the server:

normg@conifer>./srpserver

Server is starting to listen on port 57784

Server is starting accept on port 57784
Connection accepted
SSL_accept failed, error=SSL_ERROR_SSL
Details: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
s3_srvr.c at 1306
/home/normg/gssua/srp
normg@conifer>



Client output:

normg@conifer>$GEMSTONE/bin/openssl s_client -srpuser SystemUser -cipher SRP 
-connect localhost:57784
CONNECTED(00000003)
18446741324916266428:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert 
handshake failure:s3_pkt.c:1227:SSL alert number 40
18446741324916266428:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake 
failure:s3_pkt.c:592:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : 0000
    Session-ID:
    Session-ID-ctx:
    Master-Key:
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1319550564
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
---


----- Original Message -----
> From: "Peter Sylvester" <peter.sylves...@gmail.com>
> To: openssl-users@openssl.org
> Sent: Tuesday, October 25, 2011 3:18:39 AM
> Subject: Re: OpenSSL 1.0.1 example with SRP
> 
> On 10/25/2011 05:15 AM, Norm Green wrote:
> > Hello Experts,
> >
> > I'm new to OpenSSL so please bear with me.
> >
> > I'm trying to construct a simple example that uses a recent OpenSSL
> > 1.0.1 snapshot to create secure connection using SRP without using
> > any certificates.  I am aware 1.0.1 is not yet released, but I've
> > been told this should be possible.
> try this first with s_client and s_server   you need cipher SRP fo
> them
> 
> what happens when you connect to your server with
> 
>    openssl s_client -srpuser <USER> -cipher SRP -connect server:port
> 
> 
> 
> ______________________________________________________________________
> OpenSSL Project
>                                 http://www.openssl.org
> User Support Mailing List
>                    openssl-users@openssl.org
> Automated List Manager
>                           majord...@openssl.org
> 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to