Hi, on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2 does support only curves with 256, 384, and 521. Maybe this is the same for FF 3 and your 160 bit curve is not supported.
Bye Dirk Alex Birkett wrote: > Hi, > > Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher > suite. I've configured Open SSL (version 1.0.0.a) as a test server with > what I think is a suitable ECC key/certificate (attached) The keys were > created with the attached script. > > The server was started like this: > openssl s_server -cert > /home/alex/keys/ssltest/Certs/secp160r2TestServer.pem -cipher > ECDHE-ECDSA-AES256-SHA > > An open ssl client can be successfully connected like this: > openssl s_client -connect localhost:4433 > The client says the connection is established with > the ECDHE-ECDSA-AES256-SHA cipher > > When a connection with Firefox is attempted the server give a series of > errors like this: > > 140068746417832:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no > shared cipher:s3_srvr.c:1216: > shutting down SSL > > Can anybody explain this? Could it be a bug in OpenSSL? > > Many Thanks, > > Kind Regards, > > Alex > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
