Using release 4.0.1.320 i get "OUTgoing fatal alert:handshake_failure: Reception of a handshake_failure alert message indicates that the sender was unable to negotiate an acceptable set of security parameters given the options available. This is a fatal error. Extended information: Unable to find a server certificate appropriate for the selected cipher suite." after starting everything up using the infamous rtcSSecTest unit.

I have tried two different certificates. When entering TsmStreamSecII.TLSSetupServer options look ok. At first chance lRSAPriv is set to nil. Might be significant (?).

How do i move on in solving my problem?

Best regards,

/Dany

Make sure neither certificate is expired. Also try with a fresh server.pfx generated using the TLSDemoCert demo project. Make sure the pfx file passwords match.

The cipher suites have to match the server certificate(s). For instance, you must not enable signatureECDSA or signatureDSA, if you only have a server certificate with a RSA subject public key. Conversely, if you only have a server certificate with a EC subject public key, you must enable signatureECDSA and must disable signatureRSA.

If you are using server certificate pfx files that were generated using other software (such as OpenSSL), you have to update to the latest ST 4.0 version.