On Mon, Dec 07, 2015 at 10:46:26PM +0000, Nounou Dadoun wrote: > The cipher setting on the server is: > SSL_CTX_set_cipher_list(pSslContext->GetNativeRef().impl(), "ALL:SEED:!EXPORT:!LOW:!DES:!RC4"); Note, your cipher setting is likely not what you intend it to be, instead try: "DEFAULT:!EXPORT:!LOW:!RC4:+SEED" Unless you know what you're doing in enabling anonymous ciphers. Also note the difference between ":SEED" and ":+SEED". You're also using a version 1 server certificate with a public exponent of "3". This is a really bad idea. You've not defined any DH or ECDH parameters, so the cipher selected uses RSA key transport, not a good idea, but should work barring bugs on either side. > Any suggestions? Is it possible that we've selected a cipher setting which is not compiled in? No, that gives you plenty of ciphers (more than you need). Perhaps the client is buggy. Have you tried OpenSSL 1.0.2e? What software is the client running? In any case, there are enough red flags all over the place that make it likely that other mistakes are being made. -- Viktor.
