Why can't I force a specific cipher with the openssl app with TLS 1.3?

Phil Neumiller pneumiller at directstream.com
Thu Nov 14 17:46:41 UTC 2019


Here is my server script is:

PSK=63ef2024b1
openssl s_server -accept 4433 -tls1_3  -nocert -psk $PSK -ciphersuites
TLS_AES_256_GCM_SHA384

Here is the client:

PSK=63ef2024b1
openssl s_client -tls1_3 -psk $PSK -connect :4433  -ciphersuites
TLS_AES_256_GCM_SHA384

And here is the error:

Using default temp DH parameters
ACCEPT
ERROR
C0:65:9F:08:01:00:00:00:error:SSL routines::no suitable signature
algorithm:ssl/t1_lib.c:2810:
shutting down SSL
CONNECTION CLOSED

So why can't I force the usage of this cipher?  Why does it complain about
signature algorithms when I didn't specify any?





-----
Phillip Neumiller
Platform Engineering
Directstream, LLC
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html


More information about the openssl-users mailing list