[openssl-users] Getting info on the ciphers supported by a client

Waldin nospam.waldin at yopmail.com
Sun Mar 8 08:14:31 UTC 2015


Sorry for chiming in with a related question.

Am 06.03.2015 um 21:04 schrieb Dr. Stephen Henson:

> I'm not sure OpenSSL can do exactly what you want: 1.0.2 has an option to
> return the raw ciphersuite list sent by the client. The s_server utility
> will print this out if you set the -brief option.

I'm not an experienced OpenSSL user, but managed to create certificates
and to make OpenSSL 1.0.2 listen on port 443 for incoming requests.
Works great for checking ciphers enabled in browsers.

Now, I also want to check ciphers enabled in (mobile) mail clients.
I've tried to make OpenSSL listen on port 110 (for POP with TLS) and
redirected the client to the OpenSSL server.  But when trying to pull
mail I can't see any handshake information:

> >openssl s_server -cert public.pem -key ca-key.pem -accept 110 -debug
> Enter pass phrase for ca-key.pem:
> Loading 'screen' into random state - done
> Using default temp DH parameters
> ACCEPT
> read from 0x4c0df0 [0x4c63e0] (11 bytes => 6 (0x6))
> 0000 - 51 55 49 54 0d 0a                                 QUIT..
> read from 0x4c0df0 [0x4c63e6] (5 bytes => 0 (0x0))
> ERROR
> shutting down SSL
> CONNECTION CLOSED
> ACCEPT

I'm obviously missing something.  Could anyone please enlighten me?

Wald



More information about the openssl-users mailing list