[openssl-users] OpenSSL and iCloud

openssl at comaxis.com openssl at comaxis.com
Mon Jan 5 22:31:29 UTC 2015

Never mind - I got it to work by using: meth = SSLv23_method();
>> On Jan 5, 2015, at 12:01 PM, openssl at comaxis.com wrote:
>>> Are there any known problems using OpenSSL with iCloud?  I am trying to
>>> connect to imap.mail.me.com using port 993.  My call to SSL_Connect()
>>> returns 0, with SSL_get_error() returing 1 (SSL_ERROR_SSL).  I am using
>>> OpenSSL version 1.0.1h, running on Win32.  I can use this code with any
>>> other IMAP server with no problems.
>> Are you able to connect using the openssl s_client application? I can
>> connect (to port 993, no starttls) with either 1.0.1j or 0.9.8za;
>> perhaps
>> s_client will give you a more diagnostic error message if it also fails
>> for you.
> I made a build of 1.0.1j but it made no difference to my application. In
> fact, I *can* use "openssl s_client -connect" with iCloud.  Doing the same
> thing with my own server (which my application works with) the only thing
> I see different in the diagnostics provided by openssl is the cipher:
> for imap.mail.me.com I get "AES256-GCM-SHA384" but with my own, I
> get "ECDHE-RSA-AES256-GCM-SHA384".  Do I need to do something in the build
> open OpenSSL to get support for AES256, or something different in my code
> that uses SSL?  I would assume the latter, since the openssl utility is
> using my brand new builds of the ssl dlls.  Here is what I am doing (with
> error checking removed):
> SSL_library_init();
> SSL_load_error_strings();
> wsprintf (seed,"%lx%lx", GetCurrentProcessId(), time(0));
> RAND_seed (seed, strlen(seed));
> meth=SSLv3_method();
> ctx = SSL_CTX_new(meth);
> SSL_CTX_set_options(ctx,0);
> SSL_CTX_set_verify(ctx,SSL_VERIFY_NONE,NULL);
> SSL_CTX_set_default_verify_paths(ctx);
> ssl = SSL_new(ctx);
> sbio = BIO_new_socket(gSocket, BIO_NOCLOSE);
> SSL_set_bio(ssl, sbio, sbio);
> ret = SSL_connect(ssl);

More information about the openssl-users mailing list