On Thu, Nov 30, 2000 at 01:43:16PM +0100, Wolfgang Marczy wrote:
> I have some problems establishing a SSL connection. I am writing on an SMTP server,
>which
> should accept SSL connections.
> I am sending mails with Netscape 4.7 (and Microsoft Outlook) over SSL, but the
>connection
> fails, because no common enrcyption method was found:
>
> "error: 1408A0C1:SSL routines:SSL3_GETCLIENT_HELLO:no shared ciphers"
>
> Now my questions:
>
> I have initialized the SSL connection as described in the OpenSSL documentation, only
> SSL_accept fails with the above reason.
> I tried different cipher settings, like "SSLv3", "RC4-MD5" or the default values.
> SSL_set_cipher_list returned 1, so I believe it worked.
> What is additionally needed?
>
> The man pages state something about certificates and keys which I need to use these
> ciphers. Do I have to generate them manually with some function first,
> before the client accepts the ciphers?
For an RSA cipher (like RC4-MD5) you _must_ have an RSA certificate and
private key. You can create them with the OpenSSL included tools.
>From my homepage (see below), you can retrieve my Postfix/TLS patchkit.
It enables SSL for the Postfix SMTP server and also contains a short
course on how to generate certificates.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]