On 19/06/2016 12:42 a.m., Yuri Voinov wrote: > > Good weekend to all. > > Gentlemen, somebody played with ECDSA-certificates and SSL bump with SQUID? > > I have when trying to use ECDSA self-signed CA to bump, Squid (version > no matter) gives an error SSLv3 (for unknown reasons) and can not > establish a secure connection. With CIPHER/PROTOCOL negotiation error in > browser. Yea, latest Chrome. > > Does this mean that Squid is not support ECDSA? > It means your certificate was not created with the flags indicating which Curve it is to be used with. <https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography#Named_Curves> I can't find any evidence of the flag being set on generated certificates. So that may also be adding to the problem. Amos _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
