Forum Discussion
ECDSA certificates - do not seem to be presented
- Feb 24, 2020
Hi Carol,
I suspect this is to do with your cipher group/string though we haven't been using these key exchanges yet. The article you provided states use 'ECDHE' but this will include all suites using RSA key exchange. For example:
# tmm --clientciphers 'ECDHE'
ID SUITE BITS PROT CIPHER MAC KEYX
0: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 ECDHE_RSA
1: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1 AES SHA ECDHE_RSA
2: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.1 AES SHA ECDHE_RSA
3: 49171 ECDHE-RSA-AES128-CBC-SHA 128 TLS1.2 AES SHA ECDHE_RSA
4: 49171 ECDHE-RSA-AES128-CBC-SHA 128 DTLS1 AES SHA ECDHE_RSA
5: 49191 ECDHE-RSA-AES128-SHA256 128 TLS1.2 AES SHA256 ECDHE_RSA
6: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 ECDHE_RSA
7: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1 AES SHA ECDHE_RSA
8: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.1 AES SHA ECDHE_RSA
9: 49172 ECDHE-RSA-AES256-CBC-SHA 256 TLS1.2 AES SHA ECDHE_RSA
10: 49172 ECDHE-RSA-AES256-CBC-SHA 256 DTLS1 AES SHA ECDHE_RSA
11: 49192 ECDHE-RSA-AES256-SHA384 256 TLS1.2 AES SHA384 ECDHE_RSA
12: 52392 ECDHE-RSA-CHACHA20-POLY1305-SHA256 256 TLS1.2 CHACHA20-POLY1305 NULL ECDHE_RSA
13: 49170 ECDHE-RSA-DES-CBC3-SHA 168 TLS1 DES SHA ECDHE_RSA
14: 49170 ECDHE-RSA-DES-CBC3-SHA 168 TLS1.1 DES SHA ECDHE_RSA
15: 49170 ECDHE-RSA-DES-CBC3-SHA 168 TLS1.2 DES SHA ECDHE_RSA
You'll need to specify 'ECDHE_ECDSA' to only offer ECDSA key exchange cipher suites. Hopefully that'll do the job.
Kind regards
Ben
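Added example, not part of the post above and not F5 code: a shell check that reads `tmm --clientciphers` output and counts suites by the KEYX column, so a cipher string that resolves only to ECDHE_RSA suites is easy to spot. The function names are hypothetical, the first sample reuses three rows from the post, and the ECDHE_ECDSA row is constructed in the same layout rather than captured from a device.

```shell
#!/bin/sh
# keyx_summary: read `tmm --clientciphers '<string>'` output on stdin and
# print one "KEYX count" line per key-exchange type, sorted by name.
keyx_summary() {
    awk '
        # Data rows start with an index such as "0:"; the header row does not.
        $1 ~ /^[0-9]+:$/ { count[$NF]++ }
        END { for (k in count) print k, count[k] }
    ' | sort
}

# offers_ecdsa: exit 0 only if at least one suite has KEYX ECDHE_ECDSA,
# i.e. the profile can negotiate a suite that uses an ECDSA certificate.
offers_ecdsa() {
    awk '
        $1 ~ /^[0-9]+:$/ && $NF == "ECDHE_ECDSA" { found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

# Header plus three rows copied from the output in the post above.
RSA_SAMPLE=' ID SUITE BITS PROT CIPHER MAC KEYX
0: 49199 ECDHE-RSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 ECDHE_RSA
6: 49200 ECDHE-RSA-AES256-GCM-SHA384 256 TLS1.2 AES-GCM SHA384 ECDHE_RSA
13: 49170 ECDHE-RSA-DES-CBC3-SHA 168 TLS1 DES SHA ECDHE_RSA'

# Same rows plus one constructed ECDHE_ECDSA row (assumed layout, not device output).
MIXED_SAMPLE="$RSA_SAMPLE
16: 49195 ECDHE-ECDSA-AES128-GCM-SHA256 128 TLS1.2 AES-GCM SHA256 ECDHE_ECDSA"

# Demonstration on the embedded samples.
for name in RSA_SAMPLE MIXED_SAMPLE; do
    eval "data=\$$name"
    echo "== $name"
    printf '%s\n' "$data" | keyx_summary
    if printf '%s\n' "$data" | offers_ecdsa; then
        echo "ECDSA suites offered"
    else
        echo "no ECDSA suites: an ECDSA certificate cannot be negotiated"
    fi
done

# On a device the input would come from the command in the post, e.g.:
#   tmm --clientciphers 'ECDHE' | keyx_summary
```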