> From: openssl-users On Behalf Of Rajeswari K
> Sent: Monday, February 02, 2015 22:17
> Thanks for responding. Following is the output printed by openssl
> ./openssl req -in csr.csr -noout -text
>Subject Public Key Info:
>Public Key Algorithm: id-ecPublicKey
>
issue with these parameters?
Thanks,
Rajeswari.
On Tue, Feb 3, 2015 at 8:28 AM, Dave Thompson wrote:
> > From: openssl-users On Behalf Of Rajeswari K
> > Sent: Sunday, February 01, 2015 21:18
>
> > Am facing an issue of "no shared cipher" error during SSL Handsha
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Sunday, February 01, 2015 21:18
> Am facing an issue of "no shared cipher" error during SSL Handshake,
> when tried to negotiate ECDHE cipher suite.
> *Feb 2 01:00:47.894: SSL_accept:error in SSLv3 read clien
Hello Openssl users,
Am facing an issue of "no shared cipher" error during SSL Handshake, when
tried to negotiate ECDHE cipher suite.
We are using openssl-1.0.1j version. Can you please share your thoughts?
Following are the logs during SSL Handshake.
Server has 2 from 0xE29690E0:
On Mon, May 16, 2011 at 11:56:41AM +0100, Mike Bell wrote:
> Thanks Viktor,
>
> I hadn't properly understood the relationship between the certificate
> and the cipher, so I'll look at that now. I think I'm also confusing
> the OpenVPN?& OpenSSL relationship.
>
> OpenVPN does appear to be using TL
ot;
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
> However I keep getting a "no shared cipher" error.
>
> In my client & server openssl.cnf files I've specified
> cipher AE
On Fri, May 13, 2011 at 06:36:34PM +0100, Mike Bell wrote:
> I had originally put
> cipher AES-128-CBC
> in SERVER.OVPN & CLIENT.OVPN, not OPENSSL.CNF files (it's been a long week!)
I am not familiar with your VPN product, so you'll have to figure out
what configuration options are applicable. I
urity people are insisting on AES and either EC
DSA, DSA or RSA as the signature algorithm, but with a preference for ECDSA.
Thanks
From: Victor Duchovni
To: "openssl-users@openssl.org"
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA
On Fri, May
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
> However I keep getting a "no shared cipher" error.
>
> In my client & server openssl.cnf files I've specified
> cipher AES-128-CBC
This is not an EC cipher, and if you configure an EC cert, but spec
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138 EF
Hi,
I've generated certificates based on the secp256r1 curve and a connection to
the server can be established not only with FireFox, but also Internet
Explorer and Chrome. It must be that secp160r2 is not supported by the
browsers. Do you think it would be possible to add a more descriptive error
On Thu July 8 2010, Dirk Menstermann wrote:
> Hi,
>
> on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2
> does
> support only curves with 256, 384, and 521. Maybe this is the same for FF 3
> and
> your 160 bit curve is not supported.
>
Try: about:config in your browse
Hi,
on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2 does
support only curves with 256, 384, and 521. Maybe this is the same for FF 3 and
your 160 bit curve is not supported.
Bye
Dirk
Alex Birkett wrote:
> Hi,
>
> Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_2
Hi Alex,
are you sure, ff ist talking to the same server on port 4433?
Do you get a successful handshake when using a different ciphersuite on the
server?
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher ECDHE-ECDSA
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher ECDHE-ECDSA-AES256-SHA
works fine it sends the following cipher suite in the client hello message:
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Just double checked with wireshark and FF also sends
Cipher Suite: TLS_ECDHE_
Hi Alex,
if you configure s_client with the same list of ciphersuites that firefox
sends, then s_server will show the same reaction. That means your ff and your
s_client send different lists of ciphersuites.
You seem to invoke s_client with the standard list of ciphersuites...whatever
that is.
Hi Patrick,
Thanks for your response. FF 3.6.2 is
sending TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA in it's client hello message.
The command line OpenSSL client can be made to connect using this cipher
suite. Any ideas?
Thanks,
Alex
On 8 July 2010 13:41, Eisenacher, Patrick wrote:
> Hi Alex,
>
Hi Alex,
just check the list of ciphersuites that FF sends in its client hello message
and you'll see which ciphersuites FF supports.
HTH,
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher suite.
I've co
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher
suite. I've configured Open SSL (version 1.0.0.a) as a test server with
what I think is a suitable ECC key/certificate (attached) The keys were
created with the attached script.
The server was started like this:
openssl s
Thanks everyone for the help, I think I am getting closer. All of the SSL
has been removed from the listener (makes much more sense to me now), and
the Init routine has had CRYPTO_malloc_init() and
ENGINE_load_builtin_engines() added (it already had the other "basic"
routines).
When I use my clien
Aw, shoot. I see this is a re-issue of your question and others have
provided better answers already a few hours ago.
Keeping your browser open all night doesn't make gmail show a fresh
bunch when you wake up. Time for first coffee, pronto...
Anyway, check that add_all_algo thing anyway. Given you
eady did.
On Thu, Jan 22, 2009 at 8:10 PM, Dan Arcari wrote:
> Hello,
>
> I'm wondering if someone can help me with a "no shared cipher" error
> occurring when I attempt SSL_accept? I'll try to explain what's being done
> as succinctly as possible:
>
>
On Thu, Jan 22, 2009 at 08:51:20PM -0500, Dave Thompson wrote:
> Except as noted above, this sounds reasonable. I assume you realize
> that ALL includes, and could possibly negotiate, some weak ciphers;
> but since you're explicitly adding eNULL you apparently don't care.
> It certainly should be
> From: owner-openssl-us...@openssl.org On Behalf Of Dan Arcari
> Sent: Wednesday, 21 January, 2009 16:18
> I'm wondering if someone can help me with a "no shared cipher" error
occurring when I attempt
> SSL_accept? I'll try to explain what's being done as su
Hello,
I'm wondering if someone can help me with a "no shared cipher" error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as p
Hello,
I'm wondering if someone can help me with a "no shared cipher" error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as p
On Tue, Sep 20, 2005, Vinay Jha wrote:
> Hello,
> Thanks for the quick response.
>
> I'm using certificate chain (root-intermediate and cert). There is no
> option of using certchain in the s_client or server.
There is an option to do that. If you include the intermediate and root
certificates i
users@openssl.org
Subject: Re: Query abt s->cert->pkeys : encountering No shared cipher
error
On Tue, Sep 20, 2005, Vinay Jha wrote:
> Hi all,
> I'm having a problem where ssl_handshake returns with the alert "No
> shared cipher". After debugging a little more
On Tue, Sep 20, 2005, Vinay Jha wrote:
> Hi all,
> I'm having a problem where ssl_handshake returns with the alert "No
> shared cipher". After debugging a little more I have following
> questions:
Well before delving into the internals you should consider a few issues...
Can you connect to the s
Title: Query abt s->cert->pkeys : encountering No shared cipher error
Hi all,
I'm having a problem where ssl_handshake returns with the alert "No shared cipher". After debugging a little more I have following questions:
1. What is s->certs and s->certs->pke
using the SSL_CTX_set_tmp_dh() for example:
check the source to s_server in apps/s_server.c for an example.
Bob Ingraham wrote:
Anyone know why I would get a "No shared cipher" error from the SSL
handshake?
__
Anyone know why I would get a "No shared cipher" error from the SSL
handshake?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Auto
33 matches
Mail list logo
