[openssl-users] how to set temporary EC Diffie-Hellman parameters
yordanosb at gmail.com
Thu Sep 8 19:12:08 UTC 2016
I appreciate if anyone can guide me how to set temporary EC Diffie-Hellman
parameters to be able to accept SSL connections from a client
using ephemeral ECDHE cipher.
I have an ssl based application that can accept SSL connections. I can
establish SSL connections from a client using RSA cipher ( eg AES128-SHA), but
when I use the ephemeral EDHE ciphers (eg ECDHE-RSA-AES128-SHA), the SSL
I have been googling to understand the issue for several hours, and it
looks like I need to set temporary DH parameters.
I added the following code right after SSL initialization and creating
context in my application.
EC_KEY *ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
if (! ecdh)
if (1 != SSL_CTX_set_tmp_ecdh (session_cache_ctx, ecdh))
But it is still not working. I am not familiar with this area, and
I greatly appreciate any help.
I am running OpenSSL 1.0.1
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users