Hi!

I am trying to force my TLS 1.2 connection into Suite B mode, but at
handshake I get an error "no shared cipher".

The server code is basically:

ctx_ = SSL_CTX_new(TLSv1_2_server_method());
// ECDSA cert is added to the ctx
SSL_CTX_use_certificate(ctx_, serverCert.cert.get());
SSL_CTX_use_PrivateKey(ctx_, serverCert.privateKey.get());
// Restrict the cipher list to Suite B (128-bit level)
SSL_CTX_set_cipher_list(ctx_, "SUITEB128");
// Disable session tickets; cache sessions on both client and server side
SSL_CTX_set_options(ctx_, SSL_OP_NO_TICKET);
SSL_CTX_set_session_cache_mode(ctx_, SSL_SESS_CACHE_BOTH);

The client code is very similar.

If I comment out the SSL_CTX_set_cipher_list call, it works and the
session is established with ECDH-ECDSA-AES256-GCM-SHA384.

I suspect I need to provide the server with ephemeral ECDH keys, but I
cannot figure out how to do that.

Does anyone have a working example to share?

Thanks!
Fredrik
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
