Hi, Marek, I have tried. It did not work. Since my work is based on ACE_SSL, I tried with ACE_SSL example program. Still could not setup TLS connection. Seems like an ACE_SSL bug.
Thanks, Roger > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Marek Marcola > Sent: Tuesday, April 18, 2006 5:05 PM > To: openssl-users@openssl.org > Subject: RE: strange problem of "no shared cipher" for no > certificateTLSconnection > > > Hello, > > > I used SSL_CTX_set_cipher_list() to try all kinds of ADH > plus aNULL, eNULL, NULL and ALL. > > The connection still could not be setup without server certificate. > > On server side: > - generate DH parameters file: > # openssl dhparam 512 -out dhparm.pem > - add code to initialize SSL_CTX structure: > > static DH *load_dh_param(const char *dhfile) > { > DH *ret=NULL; > BIO *bio; > > if ((bio=BIO_new_file(dhfile,"r")) == NULL){ > goto err; > } > ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL); > > err: > if (bio != NULL){ > BIO_free(bio); > } > return(ret); > } > .. > .. > SSL_CTX *ctx; > DH *dh; > .. > .. > if((dh=load_dh_param("dhparam.pem")) == NULL){ > ERR_print_errors_fp(stderr); > goto err; > } > SSL_CTX_set_tmp_dh(ctx,dh); > DH_free(dh); > > if(!SSL_CTX_set_cipher_list(ctx,"ADH")) { > ERR_print_errors_fp(stderr); > goto err; > } > .. > .. > > On client side: > - add code to initialize SSL_CTX structure: > > if(!SSL_CTX_set_cipher_list(ctx,"ADH")) { > ERR_print_errors_fp(stderr); > goto err; > } > > Best regards, > -- > Marek Marcola <[EMAIL PROTECTED]> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
