-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cert generator is ok. Bug 4497 still not gone. So, it is irrelevant ECDSA. Sad. 19.06.2016 15:18, Amos Jeffries пишет: > On 19/06/2016 12:42 a.m., Yuri Voinov wrote: >> >> Good weekend to all. >> >> Gentlemen, somebody played with ECDSA-certificates and SSL bump with SQUID? >> >> I have when trying to use ECDSA self-signed CA to bump, Squid (version >> no matter) gives an error SSLv3 (for unknown reasons) and can not >> establish a secure connection. With CIPHER/PROTOCOL negotiation error in >> browser. Yea, latest Chrome. >> >> Does this mean that Squid is not support ECDSA? >> > > It means your certificate was not created with the flags indicating > which Curve it is to be used with. > <https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography#Named_Curves> > > I can't find any evidence of the flag being set on generated > certificates. So that may also be adding to the problem. > > Amos > _______________________________________________ > squid-users mailing list > squid-users@xxxxxxxxxxxxxxxxxxxxx > http://lists.squid-cache.org/listinfo/squid-users -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXZpOaAAoJENNXIZxhPexGs3QIAKG1uufx/dOobMZjrpmA/9TT KQTYCSFarH3P5i1tcVFZRc1HtdL/9bp30wWYJFqRTdqU5D6h608a64mgf6DHbtr0 E5JJVbNHvHPYlbK52+pue0K33sap58gL0R0ZCZUeAPOszh0UomMVNJDTCHUhV+F1 m2im44TZOzjwD9NQ+J3g6V5TbYZnv1nXw9EQCDPjgWpwJCPg01r7GbEsbT/A/ka6 WxtDgjw/p8wENzIE++BHC11G5iHt7/tEbzNJJ9HGV85/ly4VpZM4TvHkmnaNLAOq A0gtZpWAuO9NtPNFkZBFbdaUyfLXUhc9+wvK0dtM5+iC4k0XXs+A8I9DyPgsp5Q= =n9Au -----END PGP SIGNATURE-----
Attachment:
0x613DEC46.asc
Description: application/pgp-keys
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
