server key exchange signature behavior
Michael Wojcik
Michael.Wojcik at microfocus.com
Thu Jun 25 16:07:07 UTC 2020
> From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
> Bruce Cloutier
> Sent: Thursday, June 25, 2020 10:11
>
> Has anyone thought about this question?
From your description, it sounds like an Apache issue, not an OpenSSL one. I don't know enough about Apache configuration to comment. (I've configured a few Apache instances in my day, but never had any real issues with it, so I've never done more than search the docs for what I needed and implemented it.)
> The site is https://jnior.com if
> anyone wants to hit it. For me the digital signature in the
> server_key_exchange does not verify.
I just tried openssl s_client, and it didn't complain about anything. Negotiated a TLSv1.2 session with ECDHE-RSA-AES256-GCM-SHA384 and verified the chain.
--
Michael Wojcik
Distinguished Engineer, Micro Focus
More information about the openssl-users
mailing list