In case anyone is interested, the problem I reported the other day regarding OpenSSL using a temporary cert to decrypt the ephemeral key data rather than the one containing the pointers to the HSM was simply due to the fact that the client was using weak crypto. This also explained the real problem that I was tracking down which was why the performance of our server was so poor when using SSL. Just another case of not checking out the obvious issues thoroughly before jumping into the code. Hopefully others can benefit from my oversight. Sincerely, Eric Gilbertson [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
