[openssl-users] Diffie-Hellman Questions

Norm Green norm.green at gemtalksystems.com
Tue May 24 19:39:38 UTC 2016

I've tried both:




on both the client and server side, both of which result in the dreaded 
"no shared cipher" error:

error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared 

The following works but is not what I want:


Any suggestions on how to proceed?

Norm Green

On 5/24/16 10:45, Salz, Rich wrote:
>>   >./openssl ciphers -v 'ALL:aNULL' |grep ECDH |grep "Au=None"
>> AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
>> AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
>> AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
>> AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168)
>> Mac=SHA1
>> AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1
>> 1) What arg to SSL_CTX_set_cipher_list() to I need to use to get these?
>> I previously tried "kEECDH:kEDH" and that didn't work.
> Use one of the names in the first column.
>> 2) These ciphers all report as SSLv3.
> That is the protocol version where they were first defined.

More information about the openssl-users mailing list