I'm running the code below as part of an SSL client:

#if defined (STACK_USE_SSL_CLIENT)
      if(https){
        if(!TCPStartSSLClient(MySocket,(void *)"thishost")) break; // stay
in this state if SSL Client does not start
        SslClientState++;
        Uart1TxStringPolled("Log post SSL started\r");
        break;
      case SM_START_SSL:
        if (TCPSSLIsHandshaking(MySocket)){	// wait for end of ssl handshak=
e
          if(TickGetDouble()-Timer > (double)(10*TICK_SECOND)){	// Give up
after 10 seconds
            TCPDisconnect(MySocket)	;// Close the socket so it can be used
by other modules
		    MySocket =3D INVALID_SOCKET;
		    SslClientState=3DSM_OpenConnection;	// Retry 10 times
            Uart1TxStringPolled("Log post SSL handshake failed\r");
            retries--;
            if(retries=3D=3D0){
              SslClientState=3DSM_DONE;	// quit
              Uart1TxStringPolled("Log post SSL handshake failed 10
tries\r");
            }
          }
          break;	// if still handshaking but not yet timed out, come back
to this state
        }
      }// endif https. https has extra state. http goes right from socket
obtained to send headers with no break.
#endif // end if using ssl

This works fine talking to my old Fedora 12 server fine, but my new CentOS
server does not like it. The SSL handshake fails. I suspect it's the
Apache config file. Here's what I see regarding encryption on the old
server (which works):

#   SSL Cipher Suite:
#   List the ciphers that the client is permitted to negotiate.
#   See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

Below is what's on the new CentOS server:

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
# SSLProtocol all -SSLv2
# Changed to below 3/10/15. hh
SSLProtocol all

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
# SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP


You can see the original line commented out and replaced by my new line.

I'm still getting the SSL handshake failed out of the PIC. Any ideas on
how I make the server accept this SSL?

THANKS!

Harold






--=20
FCC Rules Updated Daily at http://www.hallikainen.com - Advertising
opportunities available!
Not sent from an iPhone.
--=20
http://www.piclist.com/techref/piclist PIC/SX FAQ & list archive
View/change your membership options at
http://mailman.mit.edu/mailman/listinfo/piclist
.