-
Notifications
You must be signed in to change notification settings - Fork 111
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
A question about signature algorithm #813
Comments
openssl 3.0 is unnecessarily strict, and will refuse serving a certificate with anything but SHA-1 if the client doesn't advertise The test case should be updated to also working with servers that only support DHE/ECDHE key exchange, also to address #563 |
But when I use no signature algorithm extension of test-invalid-version.py to test OpenSSL 3.0.3 3 May 2022,Why didn't it turn out no suitable signature algorithm
If I were to test OpenSSL 1.1.1t 7 Feb 2023
As a beginner, I looked up some information, but I still don't understand. Could you tell me more details? Thank you very much |
error messages from openssl are quite famously unreliable |
When I used test-invalid-version.py to test OpenSSL 1.1.1t 7 Feb 2023, the sanity test passed,
but when I tested OpenSSL 3.0.3 3 May 2022, the sanity test is fail
I know add extension of ClientHello, for OpenSSL 3.0.3 3 May 2022 sanity test can Pass,
If l don't add extensions, why can OpenSSL 1.1.1t 7 Feb 2023 pass but OpenSSL 3.0.3 3 May 2022 fail,
could you help me ?
The text was updated successfully, but these errors were encountered: