cipherlist with only tlsv1.3 ciphers reports error?
PGNet Dev
pgnet.dev at gmail.com
Sat Jul 20 16:09:29 UTC 2019
On 7/20/19 8:17 AM, Viktor Dukhovni wrote:
> On Sat, Jul 20, 2019 at 07:35:49AM -0700, PGNet Dev wrote:
>
>>>> Checking cipherlist for just TLSv1.3 ciphers FAILs here,
>>>>
>>>> openssl ciphers -stdname -s -V 'TTLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384'
>>>> Error in cipher list
>>>
>>> This is expected. Try:
>>>
>>> openssl ciphers -tls1_3 -stdname -s -V -ciphersuites 'TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256' 'aNULL'
>
> TLS 1.3 cipher code points are fundamentally different from TLS 1.0–1.2
Thanks, mostly clear now.
> You've just not read the documentation carefully.
You're possibly making some not-necessarily valid assumptions about
who's read what, with what level of 'care', and the clarity of the
written documents ...
More information about the openssl-users
mailing list