[openssl-users] Existing connections on certification expires

Paul Yang paulyang.inf at gmail.com
Mon Aug 28 06:01:31 UTC 2017

> On 28 Aug 2017, at 13:09, mahesh gs <mahesh116 at gmail.com> wrote:
> Hello All,
> We are using openssl for providing the secured communication for our application. I have some basic queries about the openssl behaviour.
> 1) What happens to the existing SSL connections on certification expiry? Does the openssl disconnects the existing connection?

It depends on how you control OpenSSL to process the verification. Read the man page of SSL_CTX_set_verify (and related) function. Seems you can find the doc there: https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_verify(3) <https://wiki.openssl.org/index.php/Manual:SSL_CTX_set_verify(3)>
> 2) How can i get the list of ciphers supported by openssl 01.01.0f ?

Either by using an API as ‘SSL_get_ciphers’ or a command line tool ‘openssl ciphers some-options', read related documentation for details.

> These question looks to be very basic but i could not find any concrete information regarding the same googling. 
> Thanks,
> Mahesh G S
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170828/d25ff20d/attachment.html>

More information about the openssl-users mailing list