search for: ssl_ctx_set1_group

Displaying 5 results from an estimated 5 matches for "ssl_ctx_set1_group".

Did you mean: ssl_ctx_set1_groups
2018 Jul 31
2
2.3.2.1 - EC keys suppport?
...er -cert ec.cert.pem -key ec.key.pem -port 5555 -curves > brainpoolP512r1 ] > [ openssl s_client -connect localhost:5555 -curves brainpoolP512r1 ] > > I am not familiar really with the OpenSSL API and only roughly gather > that the app (dovecot) would have to make the API call [ > SSL_CTX_set1_groups_list ] > (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html) > in order to support those curves. > > Whoops. We have a setting called `ssl_curve_list` in dovecot, and I tried using that when I was testing. Turns out that there is a bug preventing that setting from b...
2018 Jul 30
2
2.3.2.1 - EC keys suppport?
>>>> I did some local testing and it seems that you are using a curve >>>> that is not acceptable for openssl as a server key. >>>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem >>>> -port 5555 >>>> using cert generated with brainpool. Everything works if I use >>>> prime256v1 or secp521r1. This is a
2018 Jul 31
0
2.3.2.1 - EC keys suppport?
...s this way: [ openssl s_server -cert ec.cert.pem -key ec.key.pem -port 5555 -curves brainpoolP512r1 ] [ openssl s_client -connect localhost:5555 -curves brainpoolP512r1 ] I am not familiar really with the OpenSSL API and only roughly gather that the app (dovecot) would have to make the API call [ SSL_CTX_set1_groups_list ] (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html) in order to support those curves.
2018 Jul 31
0
2.3.2.1 - EC keys suppport?
...y ec.key.pem -port 5555 -curves >> brainpoolP512r1 ] >> [ openssl s_client -connect localhost:5555 -curves brainpoolP512r1 ] >> >> I am not familiar really with the OpenSSL API and only roughly gather >> that the app (dovecot) would have to make the API call [ >> SSL_CTX_set1_groups_list ] >> (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html) >> in order to support those curves. >> >> > Whoops. > > We have a setting called `ssl_curve_list` in dovecot, and I tried using > that when I was testing. Turns out that there is a...
2018 Jul 31
2
2.3.2.1 - EC keys suppport?
...-curves >>> brainpoolP512r1 ] >>> [ openssl s_client -connect localhost:5555 -curves brainpoolP512r1 ] >>> >>> I am not familiar really with the OpenSSL API and only roughly gather >>> that the app (dovecot) would have to make the API call [ >>> SSL_CTX_set1_groups_list ] >>> (https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set1_groups.html) >>> in order to support those curves. >>> >>> >> Whoops. >> >> We have a setting called `ssl_curve_list` in dovecot, and I tried using >> that when I was te...