Dear OpenSSL users, I've been trying to get an ECDSA certificate to work with a postfix installation lately. , however, it seems that when I try to use the aECDSA protocol with a client the server gives "no shared cipher" errors. I had created the certificate like the following: openssl ecparam -name secp521r1 -genkey -param_enc explicit -out private/ec-email-server.pem openssl req -new -x509 -key private/ec-email-server.pem -out certs/ec-email-server.pem -days 365 Now, when I test the certificate with s_server and s_client like: openssl s_server -accept 123 -cert /etc/ssl/certs/ec-email-server.pem -key /etc/ssl/private/ec-email-server.pem openssl s_client -connect localhost:123 I still get "no shared cipher" errors. I'm guessing openssl restricts the ciphers to those ciphers that use ECDSA as authentication. However, maybe openssl doesn't allow me (for some reason) to use ECDSA. I'm using Debian and my openssl version is: OpenSSL 1.0.1k 8 Jan 2015 Does anyone know where the issue lies? Thank you
