"wthttp/async: SSL handshake error: no shared cipher"
I have recently started using wt and have been enjoying it a lot. One small problem that is persisting for me is that i cannot seem to be able to get https to work using wthttp. I get the following error from wt when trying to reach my web app via the correct https address and port - "wthttp/async: SSL handshake error: no shared cipher".
I followed this guide  and a few others. I also added -lcrypto and -lssl to my g++ flags when compiling my web app but to no avail.
I also installed wt with following this  for "mac OS X Yosemite or El Capitan (macosx 10.10-10.11+)", but i am on macOS Mojave 10.14.1, would that cause any issue? mojave is fairly new and the wiki is a bit over a year old.
I use a reverse proxy (Apache httpd) and terminate the SSL there. Are you planning on serving your website permanently behind Apple Macintosh OS?
Nope, i was planning on deploying on Linux. i was hoping to avoid using a reverse proxy if possible though - otherwise ill probably just throw nginx in-front of it :).
You'd have to check if your server actually offers to connect with cyphers that are acceptable to your browser. There apparently are tools to list the cyphers actually supported by the server:
Possibly the ssl-cypherlist suggestion from our FAQ is outdated, or you want to be less strict than the list. You can try to omit the parameter and use the default cypherlist built-in in openssl. Possibly there is something wrong with the openssl library.
I tried that nmap script but that returned no ciphers. i suspect it has something to do with openssl.
ill keep trying things in the future and keep this post updated.
So upon building wt from source on linux i found that it looks for crypt when building the httpd, but not on macos, eg
... ** Enabling built-in httpd. -- Looking for strcasestr -- Looking for strcasestr - found -- Looking for strcasecmp -- Looking for strcasecmp - found -- Looking for crypt -- Looking for crypt - not found -- Looking for crypt in crypt -- Looking for crypt in crypt - found ...
... ** Enabling built-in httpd. ...
Funnily enough, i still get the same no shared cipher error on linux lol.
- That crypt finding on macos was actually because i passed cmake the -DSSL_PREFIX prefix, nothing to do with the problem
crypt is only used for some examples to add another hash function to
Wt::Auth. It's not an integral part of Wt.
I made a little progress, i had to tell cmake to look in the homebrew openssl at
/usr/local/opt/openssl/ rather than the default macOS openssl which is
However, now when i try to access the page my browser tries to establish a secure connection but times out, and i get no error from wt. Any suggestions?
Possibly something went wrong with your openssl build, so that it does not support any ciphers. What does 'openssl ciphers' tell you? And then check that your openssl binary is linked against the same openssl library as the one Wt is linked to.
I think this is an openssl issue rather than a Wt issue.