[Users] RE: TLS Cipher error?

Klaus Darilion klaus.mailinglists at pernau.at
Fri Feb 17 14:25:32 CET 2006 

Try

tls_ciphers_list="ALL"

regards
klaus

Tóth Péter wrote:
> Helo!
> 
> The connection failed between openser and avaya, as you can see in sshdump, because the first handshake does not succeed. The reason of the failure, i think in the cipher, sent by avaya: 
> TLS_DHE_RSA_WITH_DES_CBC_SHA
> After this package send a FIN, and close the connection!
> This is just 1 cipher, but in openssl must be send a dozen of ciphers, or not? Openser can not choose from one... I tried with an another openssl connection to an other machine (with s_client),and the connection was successfully, and in the cipherlist there is the upon one! 
> 
> I don't know, how to delete or add ciphers to the cipherlist, may this would help me a lot! 
> 
> Thanks: Peter
> -----Original Message-----
> From: Klaus Darilion [mailto:klaus.mailinglists at pernau.at] 
> Sent: 2006. február 17. 10:37
> To: Tóth Péter
> Cc: users at openser.org
> Subject: Re: [Users] TLS Cipher error?
> 
> Does openser connect to avaya or vice versa?
> Watch the syslog output of openser. The tls stack of opneser will log to 
> syslog why the connection failed.
> regards
> klaus
> 
> Tóth Péter wrote:
>> Helo!
>>
>>  
>>
>> Thans a lot for last help, I started succesfully the openser 1.0.0.0 tls 
>> version, but I can not connent to an avaya pbx. The ssldump's result is 
>> the following:
>>
>>  
>>
>> New TCP connection #1: avaya_IP(14463) <-> debianom(5061)
>>
>> 1 1  0.0060 (0.0060)  C>S  Handshake
>>
>>       ClientHello
>>
>>         Version 3.1
>>
>>         cipher suites
>>
>>         TLS_DHE_RSA_WITH_DES_CBC_SHA
>>
>>         compression methods
>>
>>                   NULL
>>
>> 1 2  0.0572 (0.0512)  S>C  Alert
>>
>>     level           fatal
>>
>>     value           handshake_failure
>>
>> 1    0.0603 (0.0030)  C>S  TCP FIN
>>
>> 1    0.0682 (0.0079)  S>C  TCP FIN
>>
>>  
>>
>> I do not know what is the following step. Openssl and libssl (0.9.7) are 
>> installed, what should I do? I have to Edit the config-file?
>>
>> I don't find these ciphers... Pls help!
>>
>>  
>>
>> Thanx:
>>
>>  
>>
>> Tóth Péter
>>
>>  
>>
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> Users mailing list
>> Users at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/users
> 
> 
> 
> 
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users

More information about the Users mailing list