[erlang-bugs] Incomplete Elliptic Curve Cipher Suites in R16B01 and R16B02

Ingela Anderton Andin <>
Thu Oct 3 09:56:14 CEST 2013

Hi Klaus!

On 10/02/2013 05:48 PM, Klaus Trainer wrote:
> Thanks.  I'm not too confident about that test either.  I checked with
> an oldish OpenSSL version (1.0.1c) as well and suddenly also had lots of
> cipher suites fail that worked well when testing with OpenSSL 1.0.1.e
> previously.
>> If you look closer you willl see that the error is:
>> "140232248637088:error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no
>> shared cipher:s3_srvr.c:1353:"
>> After just a quick check of
>> your test of erlang:
>> works not: ECDH-RSA-AES256-SHA384
>> Our test suite: ssl_ECC_SUITE:client_ec_server_ec/1
>> sucessfully negotiaties ECDH-RSA-AES256-SHA384 with openssl in R16B02
>> So I think some of your conclusions where a bit premature.
>> The problems you mentioned in R16B01 are probably fixed in R16B02
> I did see that lots of related fixes went into R16B02.  However I still
> have the same problems as with R16B01, i.e., the TLS handshake fails
> both in Chromium (version 28.0 GNU/Linux x86_64) and Firefox (version
> 24.0 GNU/Linux x86_64) as long as I don't disable ecdh cipher suites.
>> Also there is at the moment a documented limitation:
>> "Elliptic Curve cipher suites are supported if crypto supports it and
>> named curves are used."
> I don't know for sure, but maybe this is exactly the problem with some
> browsers.

Does this mean that you can connect to your server with other browsers 
without disabling ecdh-suites?

Openssl for instance has a known bug in versions 1.0.0 and 1.0.1a
that will make ecdh-suites fail.

I think its unlikely your server cert does not use a named curve, but 
possible of course, you can use the public_key application to inspect 
your certificate and check that.

> Please let me know if you think I can provide additional help on that
> issue!

Can you connect to your server using erlang shell as a client 
(ssl:connect) ?
Can you connect to your server using openssl s_client from a shell?

If not what errors do you get?

Regards Ingela Erlang/OTP Team - Ericsson AB

More information about the erlang-bugs mailing list