Hi Peter, Same error on the server:
normg@conifer>./srpserver Server is starting to listen on port 57784 Server is starting accept on port 57784 Connection accepted SSL_accept failed, error=SSL_ERROR_SSL Details: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher s3_srvr.c at 1306 /home/normg/gssua/srp normg@conifer> Client output: normg@conifer>$GEMSTONE/bin/openssl s_client -srpuser SystemUser -cipher SRP -connect localhost:57784 CONNECTED(00000003) 18446741324916266428:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1227:SSL alert number 40 18446741324916266428:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:592: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 0 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : 0000 Session-ID: Session-ID-ctx: Master-Key: Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1319550564 Timeout : 7200 (sec) Verify return code: 0 (ok) --- ----- Original Message ----- > From: "Peter Sylvester" <peter.sylves...@gmail.com> > To: openssl-users@openssl.org > Sent: Tuesday, October 25, 2011 3:18:39 AM > Subject: Re: OpenSSL 1.0.1 example with SRP > > On 10/25/2011 05:15 AM, Norm Green wrote: > > Hello Experts, > > > > I'm new to OpenSSL so please bear with me. > > > > I'm trying to construct a simple example that uses a recent OpenSSL > > 1.0.1 snapshot to create secure connection using SRP without using > > any certificates. I am aware 1.0.1 is not yet released, but I've > > been told this should be possible. > try this first with s_client and s_server you need cipher SRP fo > them > > what happens when you connect to your server with > > openssl s_client -srpuser <USER> -cipher SRP -connect server:port > > > > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > openssl-users@openssl.org > Automated List Manager > majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org