NXLOG-CE v2.9.1716 with a certificate built with a ECDSA key

#1 D.LEC 7 years ago

Hello,

Extract of nxlog.log :

2016-08-24 08:58:30 INFO nxlog-ce-2.9.1716 started
2016-08-24 09:01:24 INFO SSL connection accepted from 172.25.20.35:51694
2016-08-24 09:01:24 ERROR SSL error, SSL_ERROR_SSL: retval -1, no shared cipher,
2016-08-24 09:01:24 WARNING SSL connection closed from 172.25.20.35:51694

My question : SSL libraries (libeay32.dll and ssleay32.dll) used by NXLOG-CE are they compatible with use of a certificate built with a ECDSA key ?

Thanks for your help.

Permalink

#2 adm Nxlog ✓ 7 years ago

#1 D.LEC

Hello, Extract of nxlog.log : 2016-08-24 08:58:30 INFO nxlog-ce-2.9.1716 started 2016-08-24 09:01:24 INFO SSL connection accepted from 172.25.20.35:51694 2016-08-24 09:01:24 ERROR SSL error, SSL_ERROR_SSL: retval -1, no shared cipher, 2016-08-24 09:01:24 WARNING SSL connection closed from 172.25.20.35:51694 My question : SSL libraries (libeay32.dll and ssleay32.dll) used by NXLOG-CE are they compatible with use of a certificate built with a ECDSA key ? Thanks for your help.

This is a known issue.

Reportedly when the cert has Key Usage "Digital Signature, Key Encipherment" the observed error occurs. The workaround is to omit these flags.