I was using secp521r1, but secp384r1 has the same behavior. Here is the output with -state:
CONNECTED(00000003) SSL_connect:before/connect initialization write to 0x7fe008426dd0 [0x7fe008810800] (165 bytes => 165 (0xA5)) 0000 - 16 03 01 00 a0 01 00 00-9c 03 03 50 9d 3f 85 bf ...........P.?.. 0010 - f8 e2 cf 63 c0 12 15 ee-4c ab 95 c5 4a 71 31 31 ...c....L...Jq11 0020 - 4e f5 c3 42 aa 38 be 33-7c bb 27 00 00 04 c0 2c N..B.8.3|.'...., 0030 - 00 ff 01 00 00 6f 00 0b-00 04 03 00 01 02 00 0a .....o.......... 0040 - 00 34 00 32 00 0e 00 0d-00 19 00 0b 00 0c 00 18 .4.2............ 0050 - 00 09 00 0a 00 16 00 17-00 08 00 06 00 07 00 14 ................ 0060 - 00 15 00 04 00 05 00 12-00 13 00 01 00 02 00 03 ................ 0070 - 00 0f 00 10 00 11 00 23-00 00 00 0d 00 22 00 20 .......#.....". 0080 - 06 01 06 02 06 03 05 01-05 02 05 03 04 01 04 02 ................ 0090 - 04 03 03 01 03 02 03 03-02 01 02 02 02 03 01 01 ................ 00a0 - 00 0f 00 01 01 ..... SSL_connect:SSLv2/v3 write client hello A read from 0x7fe008426dd0 [0x7fe008815e00] (7 bytes => 7 (0x7)) 0000 - 15 03 01 00 02 02 28 ......( SSL3 alert read:fatal:handshake failure SSL_connect:error in SSLv2/v3 read server hello A 140735101956572:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741: --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 7 bytes and written 165 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- k On Fri, Nov 9, 2012 at 6:07 PM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Fri, Nov 09, 2012, Karel Sedl??ek wrote: > >> I have; following is the relevant snippet: >> >> int nid = OBJ_sn2nid(ECDHE_CURVE); >> if (NID_undef == nid) >> goto err_obj_sn2nid; >> >> EC_KEY *ecdh = EC_KEY_new_by_curve_name(nid); >> if (NULL == ecdh) >> goto err_ec_key_new; >> >> SSL_CTX_set_tmp_ecdh(tls_ctx, ecdh); >> > > That should be OK as long as you're using a standard curve like P-256 > (NID_X9_62_prime256v1) or P-384 (NID_secp384r1). > > Do you get any errors server side? Do you get any alerts visible when you add > the -state option to s_client? Something like no shared cipher would be > expected if the server had (for some reason) decided ECDHE was not usable. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org