Hi, Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher suite. I've configured Open SSL (version 1.0.0.a) as a test server with what I think is a suitable ECC key/certificate (attached) The keys were created with the attached script.
The server was started like this: openssl s_server -cert /home/alex/keys/ssltest/Certs/secp160r2TestServer.pem -cipher ECDHE-ECDSA-AES256-SHA An open ssl client can be successfully connected like this: openssl s_client -connect localhost:4433 The client says the connection is established with the ECDHE-ECDSA-AES256-SHA cipher When a connection with Firefox is attempted the server give a series of errors like this: 140068746417832:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher:s3_srvr.c:1216: shutting down SSL Can anybody explain this? Could it be a bug in OpenSSL? Many Thanks, Kind Regards, Alex
secp160r2TestServer.pem
Description: Binary data
secp160r1TestCA.pem
Description: Binary data
ECCcertgen.sh
Description: Bourne shell script
