> On Sep 11, 2018, at 6:20 PM, Viktor Dukhovni <openssl-us...@dukhovni.org>
> wrote:
>
>
> The 1.0.2 documentation for "ECDHParameters" explains that this is
> server-side setting to select a particular *fixed* ECDHE curve.
> This is a legacy feature that predates negotiation of the curve
> used based on the client's extension.
That said, in 1.0.2, it may be necessary to set "ECDHParameters" to
"Automatic" in order to enable ECDHE with Curve negotiation based
on the (separately specified) Curves. I am not sure whether
automatic ECDHE is on by default in 1.0.2, IIRC it may not be.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
