search for: no_ecdh

Displaying 1 result from an estimated 1 matches for "no_ecdh".

Did you mean: no_ecdhe
2017 Feb 14
0
openssl 1.1.0d breaks Android7 TLS connects
...ion 1.1.0: Changes between 1.0.2h and 1.1.0 [25 Aug 2016] ... ... *) SSL_{CTX_}set_ecdh_auto() has been removed and ECDH is support is always enabled now. If you want to disable the support you should exclude it using the list of supported ciphers. This also means that the "-no_ecdhe" option has been removed from s_server. [Kurt Roeckx] So when the check for OpenSSL 1.1.0 fails, the curve selection will be forced to use secp384r1 like it would be on older versions. This curve change during negotiation breaks the connect for Android7 devices. They are not able to ne...