On Fri, Nov 09, 2012, Karel Sedl??ek wrote: > This problem is related to an issue I have been experiencing with a > piece of bespoke software I am writing that uses OpenSSL to terminate > SSL/TLS connections, using non-blocking I/O. > > Observations: > - My server's TLS handshake for cipher ECDHE-ECDSA-AES256-GCM-SHA384 fails. > - If I use ALL for my server cipher list and specify no cipher list > for `openssl s_client`, `openssl s_client` successfully negotiates > ECDH-ECDSA-AES256-SHA.
Have you set up appropriate ECDH temporary key parameters in the server ? If no ECDH temporary parameters are set up then ECDHE ciphersuites are disabled by the server. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
