Martin Rowe wrote:
At least that eliminates the client certificate. I'll play around some of the extensions on the server certificate.
So I played around a lot with the server certificate. The error only occurs when the server key is generated using curve secp521r1. [1] and [2] both claim Windows 8.1 supports that curve, and it works with the other "supported" curves (secp256r1 and secp384r1) and even works when Windows uses secp521r1 for the client key/certificate, just not when the server uses it. Like I said earlier, Linux and Android are both able to connect when the server uses secp521r1, so I'm assuming this is a Windows bug. [1] http://technet.microsoft.com/en-us/library/cc766285(v=ws.10).aspx [2] http://en.wikipedia.org/wiki/Comparison_of_TLS_implementations A little further investigation found [3] which seems to indicate that secp521r1 can be enabled. I checked on Windows 8.1 and the settings appear the same, but it's late so this will have to wait until tomorrow. There is still hope. [3] http://www.carbonwind.net/blog/post/IE8-on-Windows-7-and-the-sha512ecdsa-com... Thanks Marty