Hi Steve,
Thanks, that certainly corrected it. I guess I'm perplexed as to why using
ecgroup = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
would not automatically set that flag since I'm explicitly giving the curve
name already?
Thanks,
Erik
Eri
On Fri, Aug 03, 2012, Erik Tkal wrote:
> Hi Steve, here's the cert:
>
> Certificate:
> Data:
> Version: 3 (0x2)
> Serial Number: 34474 (0x86aa)
> Signature Algorithm: ecdsa-with-SHA256
> Issuer: CN=eRoot1, OU=Engineering, O=Juniper Networks, Inc.,
> L=Westford, ST
Pulse Development
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Friday, August 03, 2012 5:57 PM
To: openssl-users@openssl.org
Subject: Re: ECDSA testing with s_client/s_server
On Fri, Aug 03, 2012, Erik
On Fri, Aug 03, 2012, Erik Tkal wrote:
> I debugged this to see what is happening, and it seems that the server is
> looking at the configured certificate and key and deciding that the client
> needs to be sending 0xFF01 (it is finding NID_X9_62_prime_field as the field
> type). However, the c
I debugged this to see what is happening, and it seems that the server is
looking at the configured certificate and key and deciding that the client
needs to be sending 0xFF01 (it is finding NID_X9_62_prime_field as the field
type). However, the client is sending the full list of standard named
> From: owner-openssl-us...@openssl.org On Behalf Of Erik Tkal
> Sent: Wednesday, 01 August, 2012 16:33
> I'm playing around to see if I can observe client and server
> under various conditions when negotiating TLS 1.2 with newer
> certs. I created a root and server cert as ecdsa-with-SHA256.
>
