> On Jan 15, 2018, at 11:14 PM, Bharathi Prasad <barati.j.prasad@xxxxxxxxx> wrote: > > I am not in a position to explain the requirement. This is important and we > need to provide the support. The system supports only DH and EDH. So could > you please help me and give me pointers on how to implement fixed DH > support. Are you sure the requirement is stated correctly? EDH is incompatible with fixed DH, with EDH you use RSA or ECDSA to authenticate the key exchange. As for using DH keys, they should just work, but you need to load the certificate before setting the private key, because the key type is ambiguous in the absence of the certificate, as there's a distinction between SSL_PKEY_DH_RSA and SSL_PKEY_DH_DSA, that is resolved by the certificate type. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
