The server error is correct - the signature_algorithms_cert extension
does not offer rsa_pkcs1_sha256 (0x0401) which is the server
certificate signing algorithm.
If the client is written in Java, check java.security for
"jdk.certpath.disabledAlgorithms" and check the constraints.
On Fri, 2021-
> From: openssl-users On Behalf Of Ma
> Zhenhua
> Sent: Thursday, 30 December, 2021 23:59
> On the SSL/TLS server, there's one error as follows.
> "SSL Error(118) - no suitable signature algorithm"
Debugging handshake failures isn't my area of expertise, but I note both
ClientHellos include a
Thanks very much, Matt and defulger.
Removing the "-fvisibility=hidden" has enabled the tests to pass.
I'll now have to see how my application (which is statically linked to OpenSSL)
fairs.
Lee
From: Matt Caswell
Sent: 23 December 2021 10:13
To: Lee Staniforth ; openssl-users@openssl.org
Subje