No server certificate and “no shared cipher” when clients connect

后端 未结 1 1877
渐次进展
渐次进展 2021-01-24 20:17

I am writing a SSL server and client for communication. I have the following code for server

SSL_CTX* InitServerCTX(void)
{       
   SSL_METHOD *method;
   SSL_         


        
1条回答
  •  野的像风
    2021-01-24 20:42

     SSL_CTX_set_cipher_list(ctx, "HIGH:MEDIUM:!eNULL:!aNULL:!RC4");
    

    I am not using any certificates or keys.

    Since you neither use certificates nor SRP the only possible ciphers are thus where no authentication of the server is done. But you did explicitly exclude these ciphers with !aNULL in both client and server. This means that none of the ciphers offered by the client or accepted by the server is able to work with no authentication which results in "no shared ciphers". From the documentation of ciphers:

    aNULL
    the cipher suites offering no authentication. This is currently the anonymous DH algorithms. These cipher suites are vulnerable to a "man in the middle" attack and so their use is normally discouraged.

    0 讨论(0)
提交回复
热议问题