I am a bit confused when an RSA signed ECDSA certificate is being used in TLS. For example, if you run the test for facebook.com, you will see that the certificate has ECDSA key but signed with Signature Algorithm: sha256WithRSAEncryption. $ openssl s_client -connect www.facebook.com:443 The ciphersuite used here is ECDHE-ECDSA-AES128-GCM-SHA256. So it means it used ECDSA key for server authentication. But I do not understand how did it use ECDSA key for authentication as the cert is RSA signed and key exchange is ECDHE, meaning ECDSA key of the certificate is not used for encryption keys. Can someone explain this to me?
