[openssl-users] Parameters for using ECDHE and ECDSA
Florence, Jacques
florencej at us.panasonic.com
Thu Feb 5 23:15:50 UTC 2015
Thanks, I found it!
-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Matt Caswell
Sent: Thursday, February 05, 2015 2:31 PM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] Parameters for using ECDHE and ECDSA
On 05/02/15 18:31, Florence, Jacques wrote:
> Hello,
>
> I am trying to use ECDHE and ECDSA on a simple openSSL application.
>
> Here are the steps I did relevant to the problem at hand:
>
> I generated the key and certificate with ECDSA.
>
> Then I load the cert and the key with SSL_CTX_use_PrivateKeyFile
>
> I select the ciphers: SSL_CTX_set_cipher_list(ctx,
> "ECDHE-ECDSA-AES128-GCM-SHA256");
>
>
>
> But when I try to connect, the server tells me no shared cipher.
>
> I don't know where this comes from. I am using TLSv1_2_method().
>
> Do I need to load some parameters like with PEM_read_bio_DHparams and
> SSL_CTX_set_tmp_dh ?
Yes. If you are using OpenSSL 1.0.2 you can use:
SSL_CTX_set_ecdh_auto
The above will automatically select a suitable ECDH curve to use.
Otherwise you can set a curve explicitly using:
SSL_CTX_set_tmp_ecdh
Matt
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
More information about the openssl-users
mailing list