[openssl-users] regarding openssl 1.0.2e

R-D intern Suman.Patro-TRN at lntebg.com
Tue Jan 19 15:19:20 UTC 2016


         I am trying with SSL handshake mechanism with ECDSA-ECDHE-AES-SHA
and have generated certificates following the below link.


But have certain issues regarding the same.

1.  The generated certificates show "The certificate has an invalid 
signature " and the public key length shown  is ECC (0 bits ) . Upon
exploring some websites, I understood, it is related to key length
restrictions of windows. I am working on windows. But creating ECC keys and
signing it by RSA works fine, the problem prevails with ECDSA, how do I
resolve the same?

2. The s_server and s_client of openssl are implemented for
ECDSA_ECDHE_AES_GCM_SHA384 but the same  s_server and s_client work with my
ECDHE-RSA certificates as well , How is that possible?The ECDHE-RSA
certificates should work invalid. But that's not the case, it works fine.
Please explain the underlying reason.

3. The s_server and s_client behave quite uncertain at times i.e  the same
cipher suite that I input is recognized at one instance and at other
instance the same suite is not recognized and I am provided with an error 
of "no shared cipher error" from the server side. Please explain.

         Kindly answer. Any help is highly appreciated.

        Thanks and regards,


View this message in context: http://openssl.6102.n7.nabble.com/regarding-openssl-1-0-2e-tp62472.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

More information about the openssl-users mailing list