[openssl-users] Disable a cipher suite in openssl.cnf?
Viktor Dukhovni
openssl-users at dukhovni.org
Sun Sep 25 02:48:34 UTC 2016
> On Sep 24, 2016, at 7:16 PM, Salz, Rich <rsalz at akamai.com> wrote:
>
>>
>> Mr. Neugroschl's quest for a simple solution does bring up -- in my user-oriented opinion -- a very good follow-on question: "Why cannot a config file be utilized by openssl to simply give access based on an allow/deny mechanism that would give users system-wide control in a single place?".
>
> We just haven't gotten around to it yet.
The SSL_CONF API (IIRC also in 1.0.2, definitely in 1.1.0) allows
for shared settings in applications that use that API to set the
defaults. Most applications are not using this yet...
--
Viktor.
More information about the openssl-users
mailing list