Hi. When I build the latest development version of httpd or nginx
against the OpenSSL_1_0_2-stable branch, the ECDHE-RSA and ECDHE-ECDSA
ciphers don't work. With both webservers, I can get these ciphers to
work by either...
1. Deleting: SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
or
2. Adding: SSL_CTX_set_ecdh_auto(ctx, 1);
Should it still be possible to manually configure ECDH keys using
SSL_CTX_set_tmp_ecdh() in 1_0_2?
If so, any ideas why it isn't working? Is there a bug in
OpenSSL_1_0_2-stable? Or are both httpd and nginx doing something wrong?
Or, is "SSL_CTX_set_ecdh_auto(ctx, 1);" the only supported way of doing
it in 1_0_2?
Thanks.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org