> I have a written a simple client-server program in which I am trying to

> between client and server using SSL by setting peer authentication OFF

on both sides.
> When I don't set any certificates on server side, I am getting this

error s3_srvr.c
> (985): 41153: no shared cipher
> If I set certificate on server side, it is working fine.
> I have read TLSv1 RFC2246, in 7.3 section, they have given server

sending its
> certificate is optional.
> So, is it a restriction/limitation on openssl side? OR Am I doing any

mistake?. I tried
> look for the similar problems in openssl mail archive, but could not

find any.
This is because anonymous ciphers are disabled by default.
You may test this with:
$ openssl s_server -nocert
$ openssl s_client
this will give you no shared cipher.
But if you enable anonymous ciphers:
$ openssl s_server -nocert -cipher aNULL
$ openssl s_client -cipher aNULL
connection will be established properly.
Of course commands:
$ openssl s_server -nocert -cipher ALL
$ openssl s_client -cipher ALL
works too.

Best regards,
Marek Marcola

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org