On Fri, Aug 03, 2012, Erik Tkal wrote: > I debugged this to see what is happening, and it seems that the server is > looking at the configured certificate and key and deciding that the client > needs to be sending 0xFF01 (it is finding NID_X9_62_prime_field as the field > type). However, the client is sending the full list of standard named curves. > > I create the key using NID_X9_62_prime256v1 as follows (abbreviated): >
What does the server certificate look like? Does it have a keyUsage extension and if so what is it set to? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org