'no shared cipher', TLS_method on OpenSSL-1-1-0-pre7-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Using OpenSSL 1.1.0-pre7-dev, our SSL server app is reporting:

 

10308:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
cipher:ssl\statem\statem_srvr.c:1420:

 

Client & server both set to use TLS_method() with default ciphers.  With

-DCIPHER_DEBUG enabled in our OpenSSL build, we get the following:

 

0:[00000004:00000008:0000008C:00000014]003C6A08:ECDHE-ECDSA-AES256-GCM-SHA38
4

0:[00000004:00000001:0000008C:00000014]003C6A80:ECDHE-RSA-AES256-GCM-SHA384

0:[00000002:00000001:0000008C:00000014]003C5CAC:DHE-RSA-AES256-GCM-SHA384

0:[00000004:00000008:0000008C:00000014]003C7458:ECDHE-ECDSA-CHACHA20-POLY130
5

0:[00000004:00000001:0000008C:00000014]003C741C:ECDHE-RSA-CHACHA20-POLY1305

0:[00000002:00000001:0000008C:00000014]003C7494:DHE-RSA-CHACHA20-POLY1305

0:[00000004:00000008:0000008C:00000014]003C69CC:ECDHE-ECDSA-AES128-GCM-SHA25
6

0:[00000004:00000001:0000008C:00000014]003C6A44:ECDHE-RSA-AES128-GCM-SHA256

0:[00000002:00000001:0000008C:00000014]003C5C70:DHE-RSA-AES128-GCM-SHA256

0:[00000004:00000008:0000008C:00000014]003C6918:ECDHE-ECDSA-AES256-SHA384

0:[00000004:00000001:0000008C:00000014]003C6990:ECDHE-RSA-AES256-SHA384

0:[00000002:00000001:0000008C:00000014]003C56D0:DHE-RSA-AES256-SHA256

0:[00000004:00000008:0000008C:00000014]003C68DC:ECDHE-ECDSA-AES128-SHA256

0:[00000004:00000001:0000008C:00000014]003C6954:ECDHE-RSA-AES128-SHA256

0:[00000002:00000001:0000008C:00000014]003C5658:DHE-RSA-AES128-SHA256

0:[00000004:00000008:0000008C:00000014]003C64A4:ECDHE-ECDSA-AES256-SHA

0:[00000004:00000001:0000008C:00000014]003C6594:ECDHE-RSA-AES256-SHA

0:[00000002:00000001:0000008C:00000014]003C5400:DHE-RSA-AES256-SHA

0:[00000004:00000008:0000008C:00000014]003C6468:ECDHE-ECDSA-AES128-SHA

0:[00000004:00000001:0000008C:00000014]003C6558:ECDHE-RSA-AES128-SHA

0:[00000002:00000001:0000008C:00000014]003C5310:DHE-RSA-AES128-SHA

0:[00000004:00000008:0000008C:00000014]003C642C:ECDHE-ECDSA-DES-CBC3-SHA

0:[00000004:00000001:0000008C:00000014]003C651C:ECDHE-RSA-DES-CBC3-SHA

0:[00000002:00000001:0000008C:00000014]003C516C:DHE-RSA-DES-CBC3-SHA

0:[00000001:00000001:0000008C:00000014]003C5C34:AES256-GCM-SHA384

0:[00000001:00000001:0000008C:00000014]003C5BF8:AES128-GCM-SHA256

0:[00000001:00000001:0000008C:00000014]003C54F0:AES256-SHA256

0:[00000001:00000001:0000008C:00000014]003C54B4:AES128-SHA256

0:[00000001:00000001:0000008C:00000014]003C5388:AES256-SHA

0:[00000001:00000001:0000008C:00000014]003C5298:AES128-SHA

0:[00000001:00000001:0000008C:00000014]003C50F4:DES-CBC3-SHA

 

It looks like both client & server have a lot of cipher's they could use

together, but for a reason I can't yet understand, the server is refusing to

accept the client's offered ciphers.

 

Could anyone shed any light on this?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160806/d0052f18/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4722 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160806/d0052f18/attachment-0001.bin>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux