Hi, I've compiled successfully Apache (2.2) with OpenSSL (0.9.8b) on win32. Has tested it with success with a self-signed rsa cert.
Proceed to generate a ec cert with secp160r1. Was unable to start Apache after changing settings in httpd-ssl.conf. Changes: SSLCertificateFile d:/www/Apache2/conf/secp160r1.crt SSLCertificateKeyFile d:/www/Apache2/conf/secp160r1.key Attempted to check ec cert using command: openssl s_server -cert secp160r1.crt -key secp160r1.key and received error SSL routines: SSL3_GET_CLIENT_HELLO:no shared cipher Run command openssl x509 -in secp160r1.crt -text and noted that the signature algorithm is ecdsa-wit-SHA1. I remember that neither IE nor Firefox seem to be able to read DSA cert so am wondering whether this is the cause of the no shared cipher error. How can this be resolved? Can I convert the signature (maybe to RSA?) while still maintaining my ec key? But I still don't understand why I can't start Apache after pointing to the EC related files. Only error I received for Apache log was 'no RSA or DSA server certificate found for 'www.example.com:443'?!' Any advice, please? Thanks! SS __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
