<div dir="ltr"><div><span style="font-family:arial,sans-serif;font-size:13px">Hi Michael,</span></div><div><span style="font-family:arial,sans-serif;font-size:13px"><b> </b>Thanks for the reply, Ignore the duplicate mail sorry for that.</span></div>
<div><span style="font-family:arial,sans-serif;font-size:13px"> First I want to check with openssl util, if it works fine then i can go to cpp client.</span></div><div><span style="font-family:arial,sans-serif;font-size:13px"> </span></div>
<div><b><span style="font-family:arial,sans-serif;font-size:13px"> </span></b></div><div><b><span style="font-family:arial,sans-serif;font-size:13px">This suggests the client and the server cannot agree on a shared cipher suite</span><br style="font-family:arial,sans-serif;font-size:13px">
<span style="font-family:arial,sans-serif;font-size:13px">to use.</span><br style="font-family:arial,sans-serif;font-size:13px"><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">What do</span><br style="font-family:arial,sans-serif;font-size:13px">
<br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px"> * openssl version</span><br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px"> * openssl ciphers -v</span><br style="font-family:arial,sans-serif;font-size:13px">
<br style="font-family:arial,sans-serif;font-size:13px"><span style="font-family:arial,sans-serif;font-size:13px">output for you?</span></b><br></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div>
<div><font color="#0000ff"># openssl version</font></div><div><font color="#0000ff">OpenSSL 1.0.0-fips 29 Mar 2010</font></div><div><br></div><div><br></div><div><div><font color="#0000ff"># openssl ciphers -v</font></div>
<div><font color="#0000ff">DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1</font></div><div><font color="#0000ff">DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1</font></div>
<div><font color="#0000ff">DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1</font></div><div><font color="#0000ff">DHE-DSS-CAMELLIA256-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(256) Mac=SHA1</font></div>
<div><font color="#0000ff">AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1</font></div><div><font color="#0000ff">CAMELLIA256-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(256) Mac=SHA1</font></div>
<div><font color="#0000ff">PSK-AES256-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(256) Mac=SHA1</font></div><div><font color="#0000ff">EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1</font></div>
<div><font color="#0000ff">EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1</font></div><div><font color="#0000ff">DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1</font></div>
<div><font color="#0000ff">PSK-3DES-EDE-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=3DES(168) Mac=SHA1</font></div><div><font color="#0000ff">KRB5-DES-CBC3-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=3DES(168) Mac=SHA1</font></div>
<div><font color="#0000ff">KRB5-DES-CBC3-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=3DES(168) Mac=MD5</font></div><div><font color="#0000ff">DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1</font></div>
<div><font color="#0000ff">DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1</font></div><div><font color="#0000ff">DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) Mac=SHA1</font></div>
<div><font color="#0000ff">DHE-DSS-SEED-SHA SSLv3 Kx=DH Au=DSS Enc=SEED(128) Mac=SHA1</font></div><div><font color="#0000ff">DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1</font></div>
<div><font color="#0000ff">DHE-DSS-CAMELLIA128-SHA SSLv3 Kx=DH Au=DSS Enc=Camellia(128) Mac=SHA1</font></div><div><font color="#0000ff">AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1</font></div>
<div><font color="#0000ff">SEED-SHA SSLv3 Kx=RSA Au=RSA Enc=SEED(128) Mac=SHA1</font></div><div><font color="#0000ff">CAMELLIA128-SHA SSLv3 Kx=RSA Au=RSA Enc=Camellia(128) Mac=SHA1</font></div>
<div><font color="#0000ff">PSK-AES128-CBC-SHA SSLv3 Kx=PSK Au=PSK Enc=AES(128) Mac=SHA1</font></div><div><font color="#0000ff">RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1</font></div>
<div><font color="#0000ff">RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5</font></div><div><font color="#0000ff">PSK-RC4-SHA SSLv3 Kx=PSK Au=PSK Enc=RC4(128) Mac=SHA1</font></div>
<div><font color="#0000ff">KRB5-RC4-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(128) Mac=SHA1</font></div><div><font color="#0000ff">KRB5-RC4-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(128) Mac=MD5</font></div>
<div><font color="#0000ff">EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1</font></div><div><font color="#0000ff">EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Au=DSS Enc=DES(56) Mac=SHA1</font></div>
<div><font color="#0000ff">DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1</font></div><div><font color="#0000ff">KRB5-DES-CBC-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(56) Mac=SHA1</font></div>
<div><font color="#0000ff">KRB5-DES-CBC-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(56) Mac=MD5</font></div><div><font color="#0000ff">EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export</font></div>
<div><font color="#0000ff">EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export</font></div><div><font color="#0000ff">EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export</font></div>
<div><font color="#0000ff">EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export</font></div><div><font color="#0000ff">EXP-KRB5-RC2-CBC-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC2(40) Mac=SHA1 export</font></div>
<div><font color="#0000ff">EXP-KRB5-DES-CBC-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(40) Mac=SHA1 export</font></div><div><font color="#0000ff">EXP-KRB5-RC2-CBC-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=RC2(40) Mac=MD5 export</font></div>
<div><font color="#0000ff">EXP-KRB5-DES-CBC-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=DES(40) Mac=MD5 export</font></div><div><font color="#0000ff">EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export</font></div>
<div><font color="#0000ff">EXP-KRB5-RC4-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(40) Mac=SHA1 export</font></div><div><font color="#0000ff">EXP-KRB5-RC4-MD5 SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(40) Mac=MD5 export</font></div>
</div><div><br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On 4 June 2014 17:43, Michael Klishin <span dir="ltr"><<a href="mailto:mklishin@gopivotal.com" target="_blank">mklishin@gopivotal.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Narayan,<br>
<br>
please keep rabbitmq-discuss in CC. <br>
<div class=""><br>
On 4 June 2014 at 16:08:14, Narayan Reddy (<a href="mailto:bvnr.mail@gmail.com">bvnr.mail@gmail.com</a>) wrote:<br>
> > What client do you use?<br>
> I needs to use the cpp client,<br>
<br>
</div>Which one? Can you link to it?<br>
<div class=""><br>
> but the ssl connection is not happening<br>
> even with openssl util (in s_client mode)<br>
<br>
</div><div class="">…<br>
<br>
> Openssl client output:<br>
><br>
> $ openssl s_client -connect localhost:5671 -cert client/cert.pem<br>
> -key client/key.pem -CAfile testca/cacert.pem<br>
> CONNECTED(00000003)<br>
> write:errno=104<br>
> ---<br>
> no peer certificate available<br>
> ---<br>
> No client certificate CA names sent<br>
> ---<br>
> SSL handshake has read 0 bytes and written 113 bytes<br>
> ---<br>
> New, (NONE), Cipher is (NONE)<br>
> Secure Renegotiation IS NOT su<br>
<br>
</div>This suggests the client and the server cannot agree on a shared cipher suite<br>
to use.<br>
<br>
What do<br>
<br>
* openssl version<br>
* openssl ciphers -v<br>
<br>
output for you?<br>
<div class="HOEnZb"><div class="h5">--<br>
MK<br>
<br>
Software Engineer, Pivotal/RabbitMQ<br>
</div></div></blockquote></div><br></div>