Duplicate :
|
Please consider the below case, 1. The key store contains two ECDSA certificates, which use secp256r1 and secp384r1 respectively. 2. Limit the supported groups to sepc384r1 only. The ECDSA with secp256r1 certificate may be selected as unexpected. This issue would raise on TLSv1.2 and earlier protocols.
|