[openssl-users] OpenSSL Client mode: Rejecting weak DH parameters
Rashid Mahmood
rashid_m180 at yahoo.com
Mon Oct 5 11:02:37 UTC 2015
Hi,
Currently OpenSSL in Client mode stops handshake only if the keylength of Server selected DH parameters is less than 768 bit (hardcoded in source). Is there any way to set the minimum key length usingpublic APIs? In my client i want to stop handshake if the keylength of Server selected DH parameters is less than 2048bit. Preferred way would be to set via API e.g. Option setting exposed by OpenSSL.
Kind Regards,
Rashid Mahmood
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151005/25bddd54/attachment.html>
More information about the openssl-users
mailing list