Hello,
I am trying with SSL handshake mechanism with ECDSA-ECDHE-AES-SHA and
have generated certificates following the below link.
http://this.is.thoughtcrime.org.nz/elliptic-curve-ca-guide
But have certain issues regarding the same.
1. The generated certificates show "The certificate has an invalid signature
" and the public key length shown is ECC (0 bits ) . Upon exploring some
websites, I understood, it is related to key length restrictions of windows. I
am working on windows. But creating ECC keys and signing it by RSA works fine,
the problem prevails with ECDSA, how do I resolve the same?
2. The s_server and s_client of openssl are implemented for
ECDSA_ECDHE_AES_GCM_SHA384 but the same s_server and s_client work with my
ECDHE-RSA certificates as well , How is that possible?The ECDHE-RSA
certificates should work invalid. But that's not the case, it works fine.
Please explain the underlying reason.
3. The s_server and s_client behave quite uncertain at times i.e the same
cipher suite that I input is recognized at one instance and at other instance
the same suite is not recognized and I am provided with an error of "no shared
cipher error" from the server side. Please explain.
Kindly answer. Any help is highly appreciated.
Thanks and regards,
Suman
[http://www.lntebg.com/images/Digital_Signature_Elecrama_2016.jpg]
Larsen & Toubro Limited
www.larsentoubro.com
This Email may contain confidential or privileged information for the intended
recipient (s). If you are not the intended recipient, please do not use or
disseminate the information, notify the sender and delete it from your system.
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
