Negotiated cipher per proto (matching cipher in list missing). No further cipher order check has been done as order is determined by the client
Michael Wojcik
Michael.Wojcik at microfocus.com
Wed Mar 11 13:02:18 UTC 2020
To enforce the server's cipher order, use SSL_CTX_set_options(ctx, SSL_CTX_get_options(ctx) | SSL_OP_CIPHER_SERVER_PREFERENCE).
https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_options.html
________________________________
Testing server preferences
Has server cipher order? no (NOT ok)
...
No further cipher order check has been done as order is determined by the client
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200311/e4d4c80d/attachment.html>
More information about the openssl-users
mailing list