Nicola...my apologies for the typo...
From: openssl-users on behalf of Jason
Schultz
Sent: Friday, February 21, 2020 1:05 PM
To: Nicola Tuveri
Cc: openssl-users
Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL
Nicole-
This was very
maybe conflicts with what I thought I was doing correct earlier
in this thread. I'm talking mostly about where I landed in this post:
https://www.mail-archive.com/openssl-users@openssl.org/msg87538.html
Re: Questions about using Elliptic Curve ciphers in
OpenSSL<https://www.mail-archive.co
s for your response. It does help, but at the same time it also
> raises questions and maybe conflicts with what I thought I was doing
> correct earlier in this thread. I'm talking mostly about where I landed in
> this post:
>
> https://www.mail-archive.com/openssl-users@openssl
l.org/msg87538.html
Re: Questions about using Elliptic Curve ciphers in
OpenSSL<https://www.mail-archive.com/openssl-users@openssl.org/msg87538.html>
Thank you for your response Thulasi, this helped. I'm posting this back to the
OpenSSL users list in case it helps anyone else, and in case anyon
oriparthi ; openssl-users <
> openssl-users@openssl.org>
> *Subject:* Re: Questions about using Elliptic Curve ciphers in OpenSSL
>
> Be aware that you just posted your certificate's private key, and thus you
> should regenerate a new keypair/certificate to use. Otherwise, an
@hotmail.com>
mailto:jetso...@hotmail.com>>
Cc: rs...@akamai.com<mailto:rs...@akamai.com>
mailto:rs...@akamai.com>>
Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL
To clarify further, EC keys can be generated from either explicit (group)
parameters o
!
From: Thulasi Goriparthi
mailto:thulasi.goripar...@gmail.com>>
Sent: Wednesday, February 12, 2020 8:29 AM
To: jetso...@hotmail.com<mailto:jetso...@hotmail.com>
mailto:jetso...@hotmail.com>>
Cc: rs...@akamai.com<mailto:rs...@akamai.com>
m
on from a client
> using ECDHE-ECDSA-AES256-GCM-SHA384.
>
> And yes, I think my main confusion was on what to do with the DH
> parameters file. I thought using ECDHE key exchange was similar to DSA with
> DH. With ECDHE, I don't need to read in a parameters file at all.
>
e let me know, otherwise, thanks for all
the help!
From: Thulasi Goriparthi
Sent: Wednesday, February 12, 2020 8:29 AM
To: jetso...@hotmail.com
Cc: rs...@akamai.com
Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL
To clarify further, EC keys can be gen
I believe you just load your ECDSA cert and the other stuff – Dhparams!! – is
not needed.
nd when do I use them? Or do I need them in
a separate file?
From: Salz, Rich
Sent: Tuesday, February 11, 2020 4:37 PM
To: Jason Schultz ; openssl-users@openssl.org
Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL
The first thing I would suggest is to separate ECDH, t
The first thing I would suggest is to separate ECDH, the session key exchange,
from ECDSA, the signature. Try to make ECDH with RSA work. Then just load
your ECDSA cert; you can load one cert of each type (RSA DSA) and the runtime
will figure out what to do, depending on what the client offers
Anyone have any advice on Elliptic Curve?
Thanks in advance.
From: openssl-users on behalf of Jason
Schultz
Sent: Friday, February 7, 2020 2:58 AM
To: openssl-users@openssl.org
Subject: Questions about using Elliptic Curve ciphers in OpenSSL
I’m somewhat
I’m somewhat confused as to what I need to do to use ECDHE ciphers
(ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, etc). I’m hoping
this list can help, or at least point me to a good tutorial somewhere. A lot of
the information I’ve looked at is from the following links:
https://wi
14 matches
Mail list logo
