Hey Steve,
> It picks the highest preference curve supported by both sides, which is
> usually the strongest curve but it doesn't have to be.
Oh, cool! Thanks for clarifying that, I somehow missed the new
functions to set the curves list before.
Best regards,
Piotr Sikora
___
On Fri, Nov 01, 2013, Piotr Sikora wrote:
> Hey,
>
> > I think it's a bug in OpenSSL 1.0.2. It shouldn't break anything that works
> > in
> > previous versions, at least not without a very good reason.
> >
> > I'll look into it.
>
> I already reported / patched this a while ago (with no respons
Hey,
> I think it's a bug in OpenSSL 1.0.2. It shouldn't break anything that works in
> previous versions, at least not without a very good reason.
>
> I'll look into it.
I already reported / patched this a while ago (with no response):
https://rt.openssl.org/Ticket/Display.html?id=3103
> It's t
On Fri, Nov 01, 2013, Rob Stradling wrote:
> Hi. When I build the latest development version of httpd or nginx
> against the OpenSSL_1_0_2-stable branch, the ECDHE-RSA and
> ECDHE-ECDSA ciphers don't work. With both webservers, I can get
> these ciphers to work by either...
> 1. Deleting: SSL_
Hi. When I build the latest development version of httpd or nginx
against the OpenSSL_1_0_2-stable branch, the ECDHE-RSA and ECDHE-ECDSA
ciphers don't work. With both webservers, I can get these ciphers to
work by either...
1. Deleting: SSL_CTX_set_options(ctx, SSL_OP_SINGLE_ECDH_USE);
or