[openssl-users] Disable a cipher suite in openssl.cnf?

Viktor Dukhovni openssl-users at dukhovni.org
Sun Sep 25 02:48:34 UTC 2016

> On Sep 24, 2016, at 7:16 PM, Salz, Rich <rsalz at akamai.com> wrote:
>> Mr. Neugroschl's quest for a simple solution does bring up -- in my user-oriented opinion -- a very good follow-on question: "Why cannot a config file be utilized by openssl to simply give access based on an allow/deny mechanism that would give users system-wide control in a single place?".
> We just haven't gotten around to it yet.

The SSL_CONF API (IIRC also in 1.0.2, definitely in 1.1.0) allows
for shared settings in applications that use that API to set the
defaults.  Most applications are not using this yet...


More information about the openssl-users mailing list