对于Mac OS X上的Python应用程序，我需要设置一个带有TLSv1.2，Forward Secrecy和没有RC4密码的HTTPS服务器 . 使用Paste和pyOpenSSL我写了下面的代码：

from paste import httpserver

from OpenSSL import SSL

context = SSL.Context(SSL.SSLv23_METHOD)

context.use_privatekey_file("/Path/to/my/private.key")

context.use_certificate_chain_file("/Path/to/my/chain-cert.pem")

context.set_options(SSL.OP_NO_SSLv2)

context.set_options(SSL.OP_NO_SSLv3)

context.set_options(SSL.OP_SINGLE_DH_USE)

context.set_cipher_list("EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4")

logger.debug("OPENSSL version: %s" % SSL.SSLeay_version(SSL.SSLEAY_VERSION))

httpserver.serve(app_logged, host=http_host, port=http_port, server_version=server_version, ssl_context=context, use_threadpool=True, threadpool_workers=15, request_queue_size=5)

但Safari，Chrome和OpenSSL客户端无法连接到我的服务器，错误为“无共享密码” . 那么，我做错了什么？

Note ：Python(2.7.6)和OpenSSL(0.9.8)的默认OS X版本与TLSv1.2不兼容，因此我必须从源代码编译OpenSSL 1.0.2和Python 2.7.10 .

如果我检查我的OpenSSL密码列表，它会给我这个：

$ /usr/local/bin/openssl ciphers -V 'EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4'

0xC0,0x2C - ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD

0xC0,0x2B - ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD

0xC0,0x30 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD

0xC0,0x2F - ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD

0xC0,0x24 - ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384

0xC0,0x23 - ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256

0xC0,0x28 - ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384

0xC0,0x27 - ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256

0xC0,0x14 - ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1

0xC0,0x0A - ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1

0xC0,0x13 - ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1

0xC0,0x09 - ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1

0x00,0x9F - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD

0x00,0x6B - DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256

0x00,0x39 - DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1

0x00,0x88 - DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1

0x00,0x9E - DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD

0x00,0x67 - DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256

0x00,0x33 - DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1

0x00,0x9A - DHE-RSA-SEED-SHA SSLv3 Kx=DH Au=RSA Enc=SEED(128) Mac=SHA1

0x00,0x45 - DHE-RSA-CAMELLIA128-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(128) Mac=SHA1

我知道Safari 8与密码“ECDHE-RSA-AES128-SHA256”兼容，所以为什么我有一个'无共享密码'错误？

$ /usr/local/bin/openssl s_client -connect 192.168.0.17:4443 -tls1_2

CONNECTED(00000003)

140735274361680:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1472:SSL alert number 40

140735274361680:error:1409E0E5:SSL routines:ssl3_write_bytes:ssl handshake failure:s3_pkt.c:656:

---

no peer certificate available

---

No client certificate CA names sent

---

SSL handshake has read 7 bytes and written 0 bytes

---

New, (NONE), Cipher is (NONE)

Secure Renegotiation IS NOT supported

Compression: NONE

Expansion: NONE

No ALPN negotiated

SSL-Session:

Protocol : TLSv1.2

Cipher : 0000

Session-ID:

Session-ID-ctx:

Master-Key:

Key-Arg : None

PSK identity: None

PSK identity hint: None

SRP username: None

Start Time: 1439975452

Timeout : 7200 (sec)

Verify return code: 0 (ok)

---

Alternative: 如果我将密码列表更改为

context.set_cipher_list("HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:@STRENGTH")

它可以工作，浏览器和openssl客户端能够在协议TLSv1.2上使用密码'AES256-GCM-SHA384' Build 安全连接，但它不是ECDHE密码(因此没有前向保密) .

EDIT correct answer:

对于DH密码，您需要PEM格式的DH参数文件，您可以使用以下命令生成一个：

$ /usr/local/bin/openssl dhparam 2048 -out dhparams.pem

对于ECDHE密码，您需要为SSL上下文设置椭圆曲线 . 您可以使用pyOpenSSL检索系统上的可用曲线：

OpenSSL.crypto.get_elliptic_curves()

这给了我们正确的以下python代码：

from paste import httpserver

from OpenSSL import SSL

from OpenSSL import crypto

context = SSL.Context(SSL.SSLv23_METHOD)

context.use_privatekey_file("/Path/to/my/private.key")

context.use_certificate_chain_file("/Path/to/my/chain-cert.pem")

context.load_tmp_dh("/Path/to/my/dhparams.pem")

context.set_tmp_ecdh(crypto.get_elliptic_curve("prime256v1"))

context.set_options(SSL.OP_NO_SSLv2)

context.set_options(SSL.OP_NO_SSLv3)

context.set_options(SSL.OP_SINGLE_DH_USE)

context.set_cipher_list("EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4")

logger.debug("OPENSSL version: %s" % SSL.SSLeay_version(SSL.SSLEAY_VERSION))

httpserver.serve(app_logged, host=http_host, port=http_port, server_version=server_version, ssl_context=context, use_threadpool=True, threadpool_workers=15, request_queue_size=5)