[openssl-users] ECDHE Negotiation for Client but not Server
benn.bollay at gmail.com
Fri Nov 13 19:21:22 UTC 2015
Hi folks -
Tested against OpenSSL 1.0.1f and 1.0.1p (but with modifications).
I've got some code that creates an SSL_CTX (http://pastebin.com/XveDvvch)
that works fine for negotiating ECDHE-* ciphers as a client when talking to
an s_server, but fails as a server both when accepting connections from
itself or from s_client with a no shared cipher error.
You can download a full package to reproduce the issue at
You can run the test by using make:
$ make all
$ make s_server & # Run’s OpenSSL s_server in the background
$ make t_client # Runs the client - should be able to see the handshake
complete on the server’s log window.
$ make t_server & # After killing the s_server, start up the test server
$ make s_client # Fails to negotiate.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users