[openssl-users] Disable a cipher suite in openssl.cnf?

Richard Moore richmoore44 at gmail.com
Sat Sep 24 15:04:40 UTC 2016


On 23 September 2016 at 17:13, Scott Neugroschl <scott_n at xypro.com> wrote:

> Hi,
>
>
>
> I’m afraid the man page on the conf file is not particularly clear.   I’m
> looking at mitigating CVE-2016-2183 (SWEET32), and am not sure how to
> disable the DES and 3DES suites in the conf file.
>
> Can someone give me a hand?
>
>
>

​You can't disable them in the openssl config file, you should do it in the
cipher suite configuration of the affected application.

Cheers

Rich.
​
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160924/d96fe128/attachment.html>


More information about the openssl-users mailing list