Hi Kyle,
regarding your hint:
> SSL[_CTX]_set_cipher_list((is_ctx ? ctx : ssl),"STRONG:@STRENGTH") is
> your friend. I believe it defaults to essentially "NONE", but I could
> be wrong on that one -- I just know that "unable to negotiate a shared
> cipher" means that the cipher list sent by the client has a null union
> with the cipher list supported by the server.
>
with the error I cited in my other mail, I used
SSL_CTX_set_cipher_list( ctx, "ALL:DEFAULT:LOW" )
I checket this by typing
openssl ciphers -v "ALL:DEFAULT:LOW"
and saw, this is a list of > 50 ciphers.
So, for my /experiments/ this should not be the source of problems, right?
Of course, a /productive/ quality server shall use "STRONG:@STRENGTH".
But I think, I'm still far away from reducing some protocol offers.
The recent trouble is:
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
:-(
I'd appreciate _any_ further hint or help, next days.
with best regards,
Modem Man
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]