[openssl-users] DTLS Server with support for both EC and RSA keys

Suman Paul sumanpaul1987 at gmail.com
Sat Feb 4 22:23:27 UTC 2017


Hi,

I have a server that implements DTLS using OpenSSL 1.0.1 but supports only RSA keys as of today. I want to add support to this server to accept EC keys to be able to implement the newer ECDHE-ECDSA cipher suites while retaining support for RSA. Any pointers as to how to go about this? 

What I believe is that each kind of key would need a different SSL_CTX object. So I want to switch to the correct context for the SSL session as per the cipher supported by the client (maybe from the cipher list advertised in the ClientHello). Is that the best way of implementing this?

Thanks
Suman


