ECDSA Certificate does not work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Dear OpenSSL users,

I've been trying to get an ECDSA certificate to work with a postfix
installation lately.
, however, it seems that when I try to use the aECDSA protocol with a
client the server gives "no shared cipher" errors.

I had created the certificate like the following:

openssl ecparam -name secp521r1 -genkey -param_enc explicit -out
private/ec-email-server.pem
openssl req -new -x509 -key private/ec-email-server.pem -out
certs/ec-email-server.pem -days 365

Now, when I test the certificate with s_server and s_client like:

openssl s_server -accept 123 -cert /etc/ssl/certs/ec-email-server.pem
-key /etc/ssl/private/ec-email-server.pem
openssl s_client -connect localhost:123

I still get "no shared cipher" errors.
I'm guessing openssl restricts the ciphers to those ciphers that use
ECDSA as authentication.
However, maybe openssl doesn't allow me (for some reason) to use ECDSA.
I'm using Debian and my openssl version is:
OpenSSL 1.0.1k 8 Jan 2015

Does anyone know where the issue lies?
Thank you


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux