Issue with openssl client and IIS Server

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Issue with openssl client and IIS Server

Subramanian Ramachandran



I signed up with the openssl yesterday and the thread I posted yesterday with the issue given below is still pending on Hence I decided to just write another email to the above address.


My issue:

I am using openssl to connect to an IIS 6.0 server. I am just getting alphanumerc (%^$????...etc) characters as the received message for the first time. Why is this so? Subsequent messages are received correctly by the IIS server. I have tried my best to research the options I am setting and have carried out many tests but, no success. I am using the following flow of commands to negotiate and connect with the IIS server before posting any data:

            httpclient_SSL_CTX = SSL_CTX_new(SSLv3_client_method());
            /* set up SSL structures */
            SSL_CTX_sess_set_cache_size(httpclient_SSL_CTX, 20);
                                           SSL_SESS_CACHE_CLIENT |
            SSL_CTX_set_timeout(httpclient_SSL_CTX, SESSION_TIMEOUT);

            SSL_CTX_set_mode(httpclient_SSL_CTX, 0);

            /* set up which ciphers we are willing to use */
            /*  CIPHER_LIST = "RC4-SHA:RC4-MD5:EXP-RC4-MD5" */
            err = SSL_CTX_set_cipher_list(httpclient_SSL_CTX, CIPHER_LIST);

      /* create new SSL connection */
      hc->SSL_conn = SSL_new(httpclient_SSL_CTX);

      /* using SSL for client, not server */

      /* do not enable auto-retry mode for rehandshaking */
      SSL_set_mode(hc->SSL_conn, 0);

      /* connect SSL object to our socket */
      SSL_set_fd(hc->SSL_conn, hc->Sock);
      /*SESSION_TIMEOUT = 300 seconds */
      SSL_set_timeout(hc->SSL_conn->session, SESSION_TIMEOUT);


      /* negotiate SSL with server */
      err = SSL_connect(hc->SSL_conn);

I configured the initial socket as blocking so that SSL_connect only returns after the complete negotiation. My understanding is that SSL_connect should take care of all cert and key exchanges so that when I subsequently use the socket hc->SSL_conn.

Am i missing something here?

Thanks for your help in advance.




Subramanian Ramachandran

Embedded Software Engineer




MWA Intelligence, Inc.

Managing Workforce and Assets


15990 N Greenway Hayden Loop

Suite 400

Scottsdale, AZ 85260

480.538.5614 Direct

480.299.3368 Cell

480.538.5995 Fax

[hidden email]


For more information, please visit or contact our Customer Care Center at 888.703.2780.