[openssl-users] regarding openssl 1.0.2e
R-D intern
Suman.Patro-TRN at lntebg.com
Tue Jan 19 15:19:20 UTC 2016
Hello,
I am trying with SSL handshake mechanism with ECDSA-ECDHE-AES-SHA
and have generated certificates following the below link.
http://this.is.thoughtcrime.org.nz/elliptic-curve-ca-guide
But have certain issues regarding the same.
1. The generated certificates show "The certificate has an invalid
signature " and the public key length shown is ECC (0 bits ) . Upon
exploring some websites, I understood, it is related to key length
restrictions of windows. I am working on windows. But creating ECC keys and
signing it by RSA works fine, the problem prevails with ECDSA, how do I
resolve the same?
2. The s_server and s_client of openssl are implemented for
ECDSA_ECDHE_AES_GCM_SHA384 but the same s_server and s_client work with my
ECDHE-RSA certificates as well , How is that possible?The ECDHE-RSA
certificates should work invalid. But that's not the case, it works fine.
Please explain the underlying reason.
3. The s_server and s_client behave quite uncertain at times i.e the same
cipher suite that I input is recognized at one instance and at other
instance the same suite is not recognized and I am provided with an error
of "no shared cipher error" from the server side. Please explain.
Kindly answer. Any help is highly appreciated.
Thanks and regards,
Suman
--
View this message in context: http://openssl.6102.n7.nabble.com/regarding-openssl-1-0-2e-tp62472.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users
mailing list