Hi Patrick, I had first tried doing it at run-time, and it didn't seem to work.
SSL_set_cipher_list( mpSsl, "aNULL" ); I then modified ssl.h as follows: #define SSL_DEFAULT_CIPHER_LIST "aNULL:eNULL" /* low priority for RC4 */ In both cases, I'm getting this error on the server end: SSL error code = 1, msg = SSL_ERROR_SSL, error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher And this error on the client end: SSL error code = 1, msg = SSL_ERROR_SSL, error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure Can you see anything I might be doing wrong? Thanks, Dallas On Wed, May 26, 2010 at 2:45 AM, Eisenacher, Patrick <patrick.eisenac...@bdr.de> wrote: > Hi Dallas, > >> -----Original Message----- >> From: Dallas Clement >> >> Just wondering what the best way to turn off authentication is. I'm >> wanting to do so for testing purposes. Would someone please advise? > > just configure "aNULL" (see ssl.h) for your ciphersuites on both endpoints. > That way only ciphersuites without authentication get activated. > > HTH, > Patrick > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
