On Tue, May 8, 2012 at 7:33 PM, Nelson B Bolyard <nel...@bolyard.me> wrote: > > Bernhard, > I think the most likely explanations are these: > > 1) Server certificate has a public key that is too small, too large, has a > too small public exponent (if RSA), an unknown key type, or a key for an > Elliptic Curve that is not supported by NSS. > > 2) Some other certificate in the server's cert chain has one of the above > problems. > > 3) The server is attempting to use "Server Key Exchange" for forward > secrecy, and the key it is offering for that purpose has one of the problems > mentioned above. > > 4) The server is selecting a cipher suite that is incompatible with the type > of key in its public key certificate.
Nelson is right. I looked into a check we added recently for 3). It was added in NSS 3.12.7: https://bugzilla.mozilla.org/show_bug.cgi?id=554354 Since you're using NSS 3.12.5.0, that makes 3) less likely, but still possible. > Ii suggest you use tcpdump or ssltap to get a trace of your own. Yes. To track this down, we need the server's certificate chain and the "Server Key Exchange" handshake message, if it is used. Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto