Hi ,
Since openssl.1.0.1c doesn't support "ECDHE-ECDSA-AES128-CCM" cipher suite,
I added this support in the openssl code.
It works fine with ECC certificates which are not self-signed.
When I process my ECC self-signed certificate, my webserver throughing "X5*
09_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE"* error during certificate
verification.
Attached is the ECC self signed certificate with "ECDHE-ECDSA-AES128-CCM"
cipher suite.
Pls throw some light to understand this problem .
Rgds
Indra
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3423928322 (0xcc150002)
Signature Algorithm: ecdsa-with-SHA256
Issuer: O=XXX Self-Signed Client, CN=SS-Client CC150002
Validity
Not Before: Mar 3 19:32:05 2013 GMT
Not After : Mar 3 19:32:05 2016 GMT
Subject: O=XXX Self-Signed Client, CN=SS-Client CC150002
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:66:13:1c:ac:34:d0:74:dc:cd:59:96:25:62:09:
02:a9:65:09:af:6a:0a:74:5b:40:65:38:cc:cf:34:
b0:47:93:9f:80:3d:93:66:66:a9:dd:f1:7f:db:d7:
5b:2a:c5:fe:4b:97:d9:d4:51:50:e1:86:d2:2a:1e:
36:2d:59:31:fd
ASN1 OID: prime256v1
X509v3 extensions:
X509v3 Key Usage: critical
Digital Signature, Key Agreement
X509v3 Certificate Policies: critical
Policy: 1.3.6.1.4.1.40732.2.2
Signature Algorithm: ecdsa-with-SHA256
30:46:02:21:00:df:b0:69:a9:d7:70:ae:d6:a3:a1:09:98:a6:
c4:74:57:62:4b:0c:89:37:3a:b6:18:0d:cf:99:1d:79:09:cc:
db:02:21:00:d3:7f:e6:1c:d2:2c:55:47:7c:41:fb:05:bc:28:
12:b1:0c:3e:f4:ff:2a:cf:a5:ad:a5:4c:33:56:2c:d4:8d:26
