[openssl-users] ECDHE-ECDSA certificate returning with no shared cipher error

Dave Thompson dthompson at prinpay.com
Tue Feb 3 02:58:53 UTC 2015


> From: openssl-users On Behalf Of Rajeswari K
> Sent: Sunday, February 01, 2015 21:18

> Am facing an issue of "no shared cipher" error during SSL Handshake,
> when trying to negotiate an ECDHE cipher suite.
<snip>
> *Feb  2 01:00:47.894: SSL_accept:error in SSLv3 read client hello C
> *Feb  2 01:00:47.894: 3854049196:error:1408A0C1:SSL routines:
> SSL3_GET_CLIENT_HELLO:no shared cipher  s3_srvr.c:1381:

> Have updated with temporary ECDH callback during SSL Server initialization. 

> ECDSA certificate is being signed using openssl commands. 

How were the keypair and CSR generated? In particular, check that the
public key in the CSR, and thus in the cert, has the curve encoded in
"named" form (as an OID), not "explicit" form (with all the details of
prime or polynomial, equation coefficients, base point, and cofactor).




