From: openssl-users On Behalf Of Rajeswari K
Sent: Monday, February 02, 2015 22:17
Thanks for responding. Following is the output printed by openssl
./openssl req -in csr.csr -noout -text
snip
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
From: openssl-users On Behalf Of Rajeswari K
Sent: Sunday, February 01, 2015 21:18
Am facing an issue of no shared cipher error during SSL Handshake,
when tried to negotiate ECDHE cipher suite.
snip
*Feb 2 01:00:47.894: SSL_accept:error in SSLv3 read client hello C
*Feb 2 01:00:47.894
issue with these parameters?
Thanks,
Rajeswari.
On Tue, Feb 3, 2015 at 8:28 AM, Dave Thompson dthomp...@prinpay.com wrote:
From: openssl-users On Behalf Of Rajeswari K
Sent: Sunday, February 01, 2015 21:18
Am facing an issue of no shared cipher error during SSL Handshake,
when tried
Hello Openssl users,
Am facing an issue of no shared cipher error during SSL Handshake, when
tried to negotiate ECDHE cipher suite.
We are using openssl-1.0.1j version. Can you please share your thoughts?
Following are the logs during SSL Handshake.
Server has 2 from 0xE29690E0:
0x10B42900
May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
However I keep getting a no shared cipher error.
In my client server openssl.cnf files I've specified
cipher AES-128-CBC
This is not an EC cipher, and if you configure
On Mon, May 16, 2011 at 11:56:41AM +0100, Mike Bell wrote:
Thanks Viktor,
I hadn't properly understood the relationship between the certificate
and the cipher, so I'll look at that now. I think I'm also confusing
the OpenVPN? OpenSSL relationship.
OpenVPN does appear to be using TLS
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138 EF
On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:
However I keep getting a no shared cipher error.
In my client server openssl.cnf files I've specified
cipher AES-128-CBC
This is not an EC cipher, and if you configure an EC cert, but specify
a cipher that is one of the ones
Hi,
I’m trying to create a VPN using OpenVPN over OpenSSL encrypted with AES and
using an elliptical curve DSA.
However I keep getting a “no shared cipher” error.
The full error log is :-
MULTI: multi_create_instance called
Re-using SSL/TLS context
Control Channel MTU parms [ L:1557 D:138
on AES and either EC
DSA, DSA or RSA as the signature algorithm, but with a preference for ECDSA.
Thanks
From: Victor Duchovni victor.ducho...@morganstanley.com
To: openssl-users@openssl.org openssl-users@openssl.org
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using
On Fri, May 13, 2011 at 06:36:34PM +0100, Mike Bell wrote:
I had originally put
cipher AES-128-CBC
in SERVER.OVPN CLIENT.OVPN, not OPENSSL.CNF files (it's been a long week!)
I am not familiar with your VPN product, so you'll have to figure out
what configuration options are applicable. If
Hi,
I've generated certificates based on the secp256r1 curve and a connection to
the server can be established not only with FireFox, but also Internet
Explorer and Chrome. It must be that secp160r2 is not supported by the
browsers. Do you think it would be possible to add a more descriptive
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher
suite. I've configured Open SSL (version 1.0.0.a) as a test server with
what I think is a suitable ECC key/certificate (attached) The keys were
created with the attached script.
The server was started like this:
openssl
Hi Alex,
just check the list of ciphersuites that FF sends in its client hello message
and you'll see which ciphersuites FF supports.
HTH,
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi,
Firefox 3.6.2 supports the TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA cipher suite.
I've
Hi Patrick,
Thanks for your response. FF 3.6.2 is
sending TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA in it's client hello message.
The command line OpenSSL client can be made to connect using this cipher
suite. Any ideas?
Thanks,
Alex
On 8 July 2010 13:41, Eisenacher, Patrick
Hi Alex,
if you configure s_client with the same list of ciphersuites that firefox
sends, then s_server will show the same reaction. That means your ff and your
s_client send different lists of ciphersuites.
You seem to invoke s_client with the standard list of ciphersuites...whatever
that
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher ECDHE-ECDSA-AES256-SHA
works fine it sends the following cipher suite in the client hello message:
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Just double checked with wireshark and FF also sends
Cipher Suite:
Hi Alex,
are you sure, ff ist talking to the same server on port 4433?
Do you get a successful handshake when using a different ciphersuite on the
server?
Patrick Eisenacher
-Original Message-
From: Alex Birkett
Hi Patrick,
openssl s_client -connect localhost:4433 -cipher
Hi,
on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2 does
support only curves with 256, 384, and 521. Maybe this is the same for FF 3 and
your 160 bit curve is not supported.
Bye
Dirk
Alex Birkett wrote:
Hi,
Firefox 3.6.2 supports the
On Thu July 8 2010, Dirk Menstermann wrote:
Hi,
on https://developer.mozilla.org/en/Security_in_Firefox_2 I found that FF 2
does
support only curves with 256, 384, and 521. Maybe this is the same for FF 3
and
your 160 bit curve is not supported.
Try: about:config in your browser, page
Thanks everyone for the help, I think I am getting closer. All of the SSL
has been removed from the listener (makes much more sense to me now), and
the Init routine has had CRYPTO_malloc_init() and
ENGINE_load_builtin_engines() added (it already had the other basic
routines).
When I use my client
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as part of SSL initialization
From: owner-openssl-us...@openssl.org On Behalf Of Dan Arcari
Sent: Wednesday, 21 January, 2009 16:18
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt
SSL_accept? I'll try to explain what's being done as succinctly as
possible:
1. There are two
On Thu, Jan 22, 2009 at 08:51:20PM -0500, Dave Thompson wrote:
Except as noted above, this sounds reasonable. I assume you realize
that ALL includes, and could possibly negotiate, some weak ciphers;
but since you're explicitly adding eNULL you apparently don't care.
It certainly should be
, 2009 at 8:10 PM, Dan Arcari danarc...@gmail.com wrote:
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each
Aw, shoot. I see this is a re-issue of your question and others have
provided better answers already a few hours ago.
Keeping your browser open all night doesn't make gmail show a fresh
bunch when you wake up. Time for first coffee, pronto...
Anyway, check that add_all_algo thing anyway. Given
Hello,
I'm wondering if someone can help me with a no shared cipher error
occurring when I attempt SSL_accept? I'll try to explain what's being done
as succinctly as possible:
1. There are two classes, SocketListener and SocketClient. Each does the
following as part of SSL initialization
Title: Query abt s-cert-pkeys : encountering No shared cipher error
Hi all,
I'm having a problem where ssl_handshake returns with the alert No shared cipher. After debugging a little more I have following questions:
1. What is s-certs and s-certs-pkeys? What is their role and who/what sets
On Tue, Sep 20, 2005, Vinay Jha wrote:
Hi all,
I'm having a problem where ssl_handshake returns with the alert No
shared cipher. After debugging a little more I have following
questions:
Well before delving into the internals you should consider a few issues...
Can you connect to the server
@openssl.org
Subject: Re: Query abt s-cert-pkeys : encountering No shared cipher
error
On Tue, Sep 20, 2005, Vinay Jha wrote:
Hi all,
I'm having a problem where ssl_handshake returns with the alert No
shared cipher. After debugging a little more I have following
questions:
Well before
Anyone know why I would get a No shared cipher error from the SSL
handshake?
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List
the SSL_CTX_set_tmp_dh() for example:
check the source to s_server in apps/s_server.c for an example.
Bob Ingraham wrote:
Anyone know why I would get a No shared cipher error from the SSL
handshake?
__
OpenSSL Project
32 matches
Mail list logo