[openssl-users] SSL_CTX_set_cipher_list returns failure for DHE-DSS-AES256-GCM-SHA384
bkaduk at akamai.com
Wed Sep 6 12:47:22 UTC 2017
On 09/06/2017 12:02 AM, mahesh gs wrote:
> Hi All,
> I am using openssl version 01.01.00f for providing TLS and DTLS
> security for TCP and SCTP connection for our application. I have query
> regarding the "Ciphers" that are accepted by the
> SSL_CTX_set_cpiher_list API. The list of ciphers that are supported by
> openssl version 01.01.00f that is output of command "openssl ciphers
> -v" is as listed down below. When i try to set these ciphers through
> API "SSL_CTX_set_cipher_list" returns success for some and failure for
> some other ciphers.
> For example if i set "ECDHE-RSA-AES256-GCM-SHA384" API returns success
> but if i set "DHE-DSS-AES256-GCM-SHA384" or "RC4-MD5" API returns
> failure. My query is what are the accepted ciphers ? and what is the
> reason behind not accepting some of them?
OpenSSL 1.1.0 added a concept of "security level" for ciphers; see
for which levels correspond to bits of security, prohibited message
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users