On Fri, Nov 02, 2012, Dave Thompson wrote: > > From: owner-openssl-us...@openssl.org On Behalf Of Abhiram Shandilya > > Sent: Thursday, 01 November, 2012 21:31 > > -dev added > > > I configured my openssl RSA CA to add the key usage extension > > for key agreement to the ECC certificate but even then it > > does not work. Pre-TLS 1.2 cipher suites such as > > ECDH-RSA-AES128-SHA work fine but just not the TLS 1.2 cipher > > suites with AESGCM. > > Looks like a bug to me. (1.0.1c) s3_lib.c ciphers C031 and C032 > have kECDHe when it appears they should have kECDHr . >
Should be fixed by this: http://cvs.openssl.org/chngview?cn=22562 just hasn't made it into a release yet. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
