Topic: Unable to configure for RSA cipher suite

Hi :
i am getting the same -313 error described in the post below. I think the server site uses an RSA private key so i need to  enable the test suite  to handle this cipher suite.

How do i enable the  test suite build to  handle RSA keys in a Widows build? Do I add  #define  <    > into settings.h?

Thank you.

Will




chrisc wrote:

Hi,

The "40" error is simply reflecting the Fatal Alert message being received by the client.

It would be helpful to try and find out what cipher suites your server supports.  My guess is that the cipher suites you have enabled in wolfSSL don't include ones that are enabled on the server.  Do you have a way to find out what cipher suites are supported by your server?

If you can access your server IP:port, you could use nmap to scan the server for supported cipher suites:

$ nmap --script ssl-enum-ciphers -p 443 <host>

A few other options which you can try enabling in wolfSSL:

1. AES-GCM support (--enable-aesgcm)

2.  Static key RSA cipher suites (./configure <options> C_EXTRA_FLAGS="-DWOLFSSL_STATIC_RSA"

Best Regards,
Chris

Share

Re: Unable to configure for RSA cipher suite

Hi Will,

If you are using the wolfSSL Visual Studio project files for Windows, you can add or change the defines that are used to compile the library in the following file:

./IDE/WIN/user_settings.h

Adding the "WOLFSSL_STATIC_RSA" define will enable static key RSA cipher suites.

Best Regards,
Chris