This is a discussion on Re: Got error on TLSv1 handshake when server is not sending its certificate - Openssl ; Hello, > I have a written a simple client-server program in which I am trying to communicate > between client and server using SSL by setting peer authentication OFF on both sides. > > When I don't set any certificates ...
> I have a written a simple client-server program in which I am trying to
> between client and server using SSL by setting peer authentication OFF
on both sides.
> When I don't set any certificates on server side, I am getting this
> (985): 41153: no shared cipher
> If I set certificate on server side, it is working fine.
> I have read TLSv1 RFC2246, in 7.3 section, they have given server
> certificate is optional.
> So, is it a restriction/limitation on openssl side? OR Am I doing any
mistake?. I tried
> look for the similar problems in openssl mail archive, but could not
This is because anonymous ciphers are disabled by default.
You may test this with:
$ openssl s_server -nocert
$ openssl s_client
this will give you no shared cipher.
But if you enable anonymous ciphers:
$ openssl s_server -nocert -cipher aNULL
$ openssl s_client -cipher aNULL
connection will be established properly.
Of course commands:
$ openssl s_server -nocert -cipher ALL
$ openssl s_client -cipher ALL
OpenSSL Project http://www.openssl.org
User Support Mailing List email@example.com
Automated List Manager firstname.lastname@example.org