I am doing some testing on Elliptic Curve Cryptography certificates. And although everything seems to work. The public Qualys SSL Report encounters an error every time before the run completes.
Assessment failed: Unexpected failure
However when I just browse to the site it seems to just work fine. Except from the fact it is signed by an untrusted CA. But for testing purposes I don't consider that a problem currently.
- nginx 1.7.4 with openSSL 1.0.1i (SNI support enabled)
- gyas.nl: "primary" site, regular certificate signed by trusted CA, set as default_server in nginx config. Test works
- gyaswintdevarsity.nl: test-site, regular certificate signed by trusted CA, only accessible by SNI-enabled clients. Test works
- aegirwintdevarsity.nl: test-site, ECC certificate signed by untrusted CA, only accessible by SNI-enabled clients. Test fails
I have also tested the ECC certificate seperately with the same config. And then the Qualys SSL Report completes just fine.
Is there somethin I should adjust when setting up an ECC certificate on a shared SSL-IP?