Re: determining the ssl cipher a client is trying to use

[Aaron Richton <richton@nbcs.rutgers.edu>]

Somewhere above

TLS: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
s3_srvr.c:888

(I assume that's the error you're getting) there are packet dumps--look
for the hex. Are those useful (albeit unwieldy)?

Anyway, I'd go at this from a different layer.
http://www.rtfm.com/ssldump/ comes to mind.

On Fri, 5 Aug 2005, Francis Swasey wrote:

> I am attempting to help our local team deploying PeopleSoft at UVM get
> an SSL connection to our LDAP server.  At the present time, we are up to
> the point of the PeopleSoft supplied ldapsearch.exe program attempting
> the SSL connection, but the two sides are unable to find an encryption
> cipher that they will both agree to use.
>
> I have been unable to determine what SSL encryption cipher the client is
> attempting to use -- it's not saying and slapd run with -d -1 on the
> server doesn't tell me either (which is both surprising and disappointing).
>
> I've googled and come up empty -- does anyone have a method for
> determining what SSL cipher a client is trying to use with an OpenLDAP
> 2.2.26 server?
>
> Thanks,
> --
> Frank Swasey                    | http://www.uvm.edu/~fcs
> Informtn Tech Profssnl Sr       | Always remember: You are UNIQUE,
> University of Vermont           |    just like everyone else.
>    "I am not young enough to know everything." - Oscar Wilde (1854-1900)
>