Hello, I have just joined the many people who are using openssl and I want to say thank you to the developers for creating and maintaining this library; I greatly appreciate the time and effort you all must have put into this. I really should say I am attempting to join the many people who use openssl; I am attempting to update an unmaintained UDP encrypted communication library that I am told used to work (but have not seen evidence of this myself) and appears to have always used openssl but I do not know what version. I have successfully managed to compile and link to a current openssl library (openssl-1.0.1j.tar.gz) but have been unable to determine what are the likely causes of the following error messages: 139924302898976:error:1411C146:SSL routines:tls1_prf:unsupported digest type:t1_enc.c:276: 139924302898976:error:140D308A:SSL routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable:t1_enc.c:602: There is a long thread of discussion about these error messages being encountered by a Joan Moreau which appears to blame the O/S install or compilation options (http://www.devheads.net/server/postfix/user/smtps-465.htm) I am using CentOS 6.6 (updated with "sudo yum update"), configured, compiled and deployed openssl using the downloaded source following the instructions on http://www.linuxfromscratch.org/blfs/view/svn/postlfs/openssl.html Invoking "openssl version -a" gives me the following OpenSSL 1.0.1j 15 Oct 2014 built on: Thu Dec 11 14:23:36 GMT 2014 platform: linux-x86_64 options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx) compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/etc/ssl" I am testing the library using a demo client/server (which appears to have been used by the original author to develop the library) with a private RSA key and public self-signed certificate. I have re-created a key and certificate to check to make sure there was no problem with them (the original demo key and certificate resulted in the same error messages). The key uses: Private-Key: (2048 bit) The certificate uses: Signature Algorithm: sha1WithRSAEncryption Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Signature Algorithm: sha1WithRSAEncryption Both the modulus and public exponents match I would be very grateful if anyone could suggest any useful lines of inquiry whilst I try to use gdb to determine the call chain that results in these error messages. Thank you for any help you can provide, Richard -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20141216/f63f9fe0/attachment.html>