how to set temporary EC Diffie-Hellman parameters

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

I appreciate if anyone can guide me how to set temporary EC Diffie-Hellman
parameters to be able to accept SSL connections from a client
using ephemeral ECDHE cipher.

I have an ssl based application that can accept SSL connections. I can
establish SSL connections from a client using RSA cipher ( eg AES128-SHA), but
when I use the ephemeral EDHE ciphers (eg ECDHE-RSA-AES128-SHA), the SSL
handshake fails.

I have been googling to understand the issue for several hours, and it
looks like I need to set temporary DH parameters.

I added the following code right after SSL initialization and creating
context in my application.
...
   EC_KEY *ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
   ecdh = EC_KEY_new_by_curve_name (NID_X9_62_prime256v1);
   if (! ecdh)
       error ();
   if (1 != SSL_CTX_set_tmp_ecdh (session_cache_ctx, ecdh))
      return -ENOMEM;
   EC_KEY_free (ecdh);
...

But it is still not working. I am not familiar with this area, and
I greatly appreciate any help.

I am running OpenSSL 1.0.1

Jordan.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160908/128367f4/attachment-0001.html>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux