> -----Original Message----- > From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > [...] > I have been able to reproduce this. > > Using a standard openssl configured *without* including no-ec2m, start an > s_server: > > openssl s_server -named_curve sect239k1 > > Then, using an openssl configured *with* no-ec2m, connect to the s_server: > > openssl s_client -cipher ECDHE-RSA-AES256-SHA > > You should see the same error message as you got displayed in the client.
Indeed. > Please can you try the attached patch to see if that solves your problem. If I apply the patch on the client side, the handshake succeeds :) I guess the server-side fix to mitigate this issue would be to configure with fips / no-ec2m, too? Thanks a lot! Kai ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
