On 05/02/15 18:31, Florence, Jacques wrote: > Hello, > > I am trying to use ECDHE and ECDSA on a simple openSSL application. > > Here are the steps I did relevant to the problem at hand: > > I generated the key and certificate with ECDSA. > > Then I load the cert and the key with SSL_CTX_use_PrivateKeyFile > > I select the ciphers: SSL_CTX_set_cipher_list(ctx, > ?ECDHE-ECDSA-AES128-GCM-SHA256?); > > > > But when I try to connect, the server tells me no shared cipher. > > I don?t know where this comes from. I am using TLSv1_2_method(). > > Do I need to load some parameters like with PEM_read_bio_DHparams and > SSL_CTX_set_tmp_dh ? Yes. If you are using OpenSSL 1.0.2 you can use: SSL_CTX_set_ecdh_auto The above will automatically select a suitable ECDH curve to use. Otherwise you can set a curve explicitly using: SSL_CTX_set_tmp_ecdh Matt
