On Wed, Oct 04, 2017, Mahesh Bhoothapuri wrote: > I am attaching a pcap where I set the supported list to contain X25519. > The client extension contains X25519. However, the server still responds > with keyshare extension secp256r1 in a hello retry request. >
Are you calling SSL_CTX_set1_groups_list() including X25519 on the server too? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
