[stunnel-users] Problem Selecting Only Ecliptic Curve Ciphers
Carter Browne
brownec at attglobal.net
Wed Aug 7 21:55:11 CEST 2013
I'm using stunnel 4.56 on Windows 7. When I use the following cipher list:
ciphers =
ECDHE-ECDSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDH-ECDSA-AES128-SHA
to establish a connection, I get a "no shared cipher" response.
The following set of ciphers does work:
ciphers =
ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA
Other relevant settings:
options = NO_SSLv2
sslVersion = all
fips = no
verify = 2
If I take out the first ECDHE-RSA-ASE256-SHA cipher from the list, the
ECDHE-RSA-AES128-SHA cipher is selected.
What am I doing wrong?
Thanks.
--
Carter Browne
cbrowne at cbcs-usa.com
More information about the stunnel-users
mailing list