One small piece of additional info: I'm trying to avoid the use of any certificates. Is that even possible with OpenSSL?
On Wed, May 26, 2010 at 6:34 AM, Dallas Clement <dallas.a.clem...@gmail.com> wrote: > Hi Patrick, > > I had first tried doing it at run-time, and it didn't seem to work. > > SSL_set_cipher_list( mpSsl, "aNULL" ); > > I then modified ssl.h as follows: > > #define SSL_DEFAULT_CIPHER_LIST "aNULL:eNULL" /* low priority for RC4 > */ > > In both cases, I'm getting this error on the server end: > > SSL error code = 1, msg = SSL_ERROR_SSL, error:1408A0C1:SSL > routines:SSL3_GET_CLIENT_HELLO:no shared cipher > > And this error on the client end: > > SSL error code = 1, msg = SSL_ERROR_SSL, error:14077410:SSL > routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure > > Can you see anything I might be doing wrong? > > Thanks, > Dallas > > On Wed, May 26, 2010 at 2:45 AM, Eisenacher, Patrick > <patrick.eisenac...@bdr.de> wrote: >> Hi Dallas, >> >>> -----Original Message----- >>> From: Dallas Clement >>> >>> Just wondering what the best way to turn off authentication is. I'm >>> wanting to do so for testing purposes. Would someone please advise? >> >> just configure "aNULL" (see ssl.h) for your ciphersuites on both endpoints. >> That way only ciphersuites without authentication get activated. >> >> HTH, >> Patrick >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-us...@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
