[openssl-users] Is RC4-MD5 disabled on Openssl-1.0.1h

Mukesh Yadav write2mukesh84 at gmail.com
Thu Mar 26 15:48:52 UTC 2015


Thanks Viktor for clarification.
So in  case we need to use SSL_CTX_set_cipher_list(), we should use : for
multiple Ciphers.
and + working in old releases for same scenario can be treated as bug..

Thanks
Mukesh

On 26 March 2015 at 20:24, Viktor Dukhovni <openssl-users at dukhovni.org>
wrote:

> On Thu, Mar 26, 2015 at 07:56:38PM +0530, Mukesh Yadav wrote:
>
> > :~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers
> RC4-MD5+RC4-SHA
> > -v
> >
> > RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
> >
> > RC4-MD5                 SSLv2 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
> >
> > RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
>
> That's a bug.  Between two ciphers "+" means "AND".  Right after
> ":" a "+" means "move to the end".  No cipher is both RC4-MD5 AND
> RC4-SHA.
>
> --
>         Viktor.
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150326/c7dfa248/attachment-0001.html>


More information about the openssl-users mailing list