Setting Signature algorithm for Client Hello in openssl.cnf

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Setting Signature algorithm for Client Hello in openssl.cnf

Sreekanth Sukumaran
Hi All,

I am looking for an option in "openssl.cnf" file to control the signature algorithms supported by an OpenSSL based TLS client application which it lists in the "Client Hello" message and also the signature algorithm used for signing the Client "CertificateVerify" message sent to the server for proof of possession of the client private key

Is there an option to set this in openssl.cnf file?. I searched the man pages, but did not see a corresponding option.

What i got so far is
-----------------------------------------------------
ssl_conf = ssl_sect

[ssl_sect]


client = client_secion

[client_section]
ClientSignatureAlgorithms=RSA+SHA256

-------------------------------------------------------

Is this supported in conf file? Can somebody help me with this? Thanks.
--
Regards,
Sreekanth

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users