10 Feb
2010
10 Feb
'10
7:40 a.m.
Is is possible to use ECDH with stunnel? When using s_server and specifying the cipher I can establish a connection. But when using stunnel and specifing the same cipher, the connection is rejected with "no shared cipher". e.g. openssl s_server -cert server.pem -cipher DHE-RSA-AES256-SHA It appears the difference is that s_server uses "default temp ECDH parameters" while stunnel doesn't have a default nor is there a way to specify the ECDH parameters.
From what I understand the ECDH parameters cannot be included with the certificate, unlike DH parameters.
Is my understanding correct? Thanks, Carl