[openssl-users] Integrating New Cipher Suite

Dr. Stephen Henson steve at openssl.org
Mon Apr 10 13:56:40 UTC 2017

On Sat, Apr 08, 2017, Schmicker, Robert wrote:

> Hello,
> I'm attempting to integrate a customized cipher suite for TLS 1.2,
> however no matter what I try I always seem to end up with this error
> (client side):
> SSL routines:ssl_cipher_list_to_bytes:no ciphers
> available:ssl/statem/statem_clnt.c:3567
> Can anyone give some further explanation on this?
> Here's some snippets from the client and server setup.
> client:

That sounds like the cipher isn't visible.

I'd suggest trying s_client/s_server first.

Which version of OpenSSL are you using?

Does your new cipher appear in "openssl ciphers"? If so does the output look
sensible? Does it appear with the -s option too?

Is the cipher visible using "openssl list -cipher-algorithms" (OpenSSL 1.1.0)
or "openssl list-cipher-algorithms" (OpenSSL 1.0.2).

Is your new cipher usable via the command line utilities like "enc"? Does it
seems to be behaving as expected?

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

More information about the openssl-users mailing list