[openssl-users] Is RC4-MD5 disabled on Openssl-1.0.1h

Marcus Meissner meissner at suse.de
Thu Mar 26 09:53:09 UTC 2015

On Thu, Mar 26, 2015 at 10:42:21AM +0530, Mukesh Yadav wrote:
> HI,
> I have a query for SSl cipher on Openssl-1.0.1h
> Have an application which is using library compiled with openssl-1.0.1h.
> Application is failing in func SSL_CTX_set_cipher_list() when input is "
> RC4-MD5+RC4-SHA" and it gets succeed when input is "RC4-SHA".
> Not sure whether "RC4-MD5" is disabled by default on openssl-1.0.1h.
> Earlier application was using openssl-0.9.8d.
> There it used to work fine..
> If that is the case, is there a way to enable RC4-MD5 on openssl-1.0.1h.
> Tried looking opensource link, couldn't find a way to explicitly enable
> this algorithm or even if it is diabled by default.
> Any Inputs for same will be appreciated..

You seem to be using invalid cipher string syntax.

: is a delimiter there.

openssl ciphers RC4-MD5:RC4-SHA  -v
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1

Ciao, Marcus

More information about the openssl-users mailing list