I have tried. It did not work. Since my work is based on ACE_SSL, I tried with ACE_SSL example program. Still could not setup TLS connection. Seems like an ACE_SSL bug.
> -----Original Message-----
> From:
[hidden email]
> [mailto:
[hidden email]]On Behalf Of Marek Marcola
> Sent: Tuesday, April 18, 2006 5:05 PM
> To:
[hidden email]
> Subject: RE: strange problem of "no shared cipher" for no
> certificateTLSconnection
>
>
> Hello,
>
> > I used SSL_CTX_set_cipher_list() to try all kinds of ADH
> plus aNULL, eNULL, NULL and ALL.
> > The connection still could not be setup without server certificate.
>
> On server side:
> - generate DH parameters file:
> # openssl dhparam 512 -out dhparm.pem
> - add code to initialize SSL_CTX structure:
>
> static DH *load_dh_param(const char *dhfile)
> {
> DH *ret=NULL;
> BIO *bio;
>
> if ((bio=BIO_new_file(dhfile,"r")) == NULL){
> goto err;
> }
> ret=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
>
> err:
> if (bio != NULL){
> BIO_free(bio);
> }
> return(ret);
> }
> ..
> ..
> SSL_CTX *ctx;
> DH *dh;
> ..
> ..
> if((dh=load_dh_param("dhparam.pem")) == NULL){
> ERR_print_errors_fp(stderr);
> goto err;
> }
> SSL_CTX_set_tmp_dh(ctx,dh);
> DH_free(dh);
>
> if(!SSL_CTX_set_cipher_list(ctx,"ADH")) {
> ERR_print_errors_fp(stderr);
> goto err;
> }
> ..
> ..
>
> On client side:
> - add code to initialize SSL_CTX structure:
>
> if(!SSL_CTX_set_cipher_list(ctx,"ADH")) {
> ERR_print_errors_fp(stderr);
> goto err;
> }
>
> Best regards,
> --
> Marek Marcola <
[hidden email]>
>
> ______________________________________________________________________
> OpenSSL Project
http://www.openssl.org> User Support Mailing List
[hidden email]
> Automated List Manager
[hidden email]
>
Locked
