There's a HOWTO on how to create DH certificates with CA.pl; the X.509/PKCS functions support them, but the SSL/TLS layer doesn't?
-Kyle H On 2/10/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > On Fri, Feb 10, 2006, jimmy wrote: > > > Hi, > > > > Why is it that some ciphers like "DH-DSS-AES128-SHA", have > > SSL_CIPHER.valid set to 0 in the table ssl3_cpihers? > > > > Is there a specific reason? > > > > They require the use of DH certificates which OpenSSL doesn't support. > > Very few people use them and I've only ever seen a handful of examples over > the years. > > Steve. > -- > Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage > OpenSSL project core developer and freelance consultant. > Funding needed! Details on homepage. > Homepage: http://www.drh-consultancy.demon.co.uk > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
