Le 13/12/2013 19:30, Walter H. a écrit :
On 12.12.2013 14:16, Erwann Abalea wrote:
It's not strange.
You removed the RSA-* from client side, the result is that the server
can't match anything in common between what the client proposed and
what the server accepts. The error you get has been sent by the server.
The server is capable of ciphers DHE-* and others;
the list is quite longer than the avaiable ciphers of the client ...,
so I think this is quite strange ...
The ClientHello message will show what ciphersuite is proposed by the
client.
You'll have to match it with what the server is willing to accept.
openssl ciphers -V
shows e.g. ECDHE-ECDSA-DES-CBC3-SHA
the site https://cc.dcsec.uni-hannover.de/ shows this:
ECDHE-ECDSA-3DES-EDE-SHA
are these the same cipher suites but two confusing names?
I'd say yes, but what is really exchanged is a list of 16 bits numbers,
not names.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
