From: Dave Cundiff on
Hello,

I've scoured the net and it appears I may be out of luck.

Is it possible to change the cipher fsockopen uses for SSL? I have a
remote socket that uses ADH which I can connect to fine with the
openssl client.

CONNECTED(00000003)
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 298 bytes and written 201 bytes
---
New, TLSv1/SSLv3, Cipher is ADH-AES256-SHA
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : ADH-AES256-SHA
Session-ID: 2163F431CC23523B8F156F6C2E806F3CA23B7F9149E92A2E3F80FEE420F72E4F
Session-ID-ctx:
Master-Key:
ECC5BB2D5B2F76B6D6F332FCEE294C21B0FFAF3C93322F2CD82FF9AFAFC6B6DD3EA371F0F1ADA09FB00B046BC1DB1D59
Key-Arg : None
Krb5 Principal: None
Start Time: 1282349024
Timeout : 300 (sec)
Verify return code: 0 (ok)
---


However, my simple PHP script fails.

<?
$fd = fsockopen("tls://host.domain.com",5666);
?>

[root(a)host ~]# php ssltest.php
PHP Warning: fsockopen(): SSL operation failed with code 1. OpenSSL
Error messages:
error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake
failure in /root/ssltest.php on line 2
PHP Warning: fsockopen(): Failed to enable crypto in
/root/ssltest.php on line 2
PHP Warning: fsockopen(): unable to connect to
tls://host.domain.com:5666 (Unknown error) in /root/ssltest.php on
line 2

I had to specify ADH on the cipher list for OpenSSL to be able to make
the connection but cannot find a way to do so for fsockopen. Can a
cipher even be specified?

Thanks,
--
Dave Cundiff
System Administrator
A2Hosting, Inc
http://www.a2hosting.com