[stunnel-users] using ECDH with stunnel
Michal.Trojnara at mirt.net
Thu Feb 11 18:27:38 CET 2010
> Is is possible to use ECDH with stunnel?
> When using s_server and specifying the cipher I can establish a
> connection. But when using stunnel and specifing the same cipher, the
> connection is rejected with "no shared cipher".
You are correct. Stunnel currently does not generate temporary ECDH keys
with EC_KEY_new_by_curve_name() function.
It should be possible to provide ECDH parameters with a certificate
It's probably also a better choice for performance, as key generation could
be a CPU-intensive operation.
What do you think?
More information about the stunnel-users