[openssl-users] Regarding to disable some signature algorithm in client hello message
murugesh.pitchaiah at gmail.com
Tue Jun 19 09:36:15 UTC 2018
SSL_CTX_set1_client_sigalgs_list - is the correct method for this purpose.
Just try for checking return value of this function. On failure it returns 0.
Also try SSL_CTX_set1_client_sigalgs_list (ctx, "RSA+SHA256");
On 6/19/18, Devang Kubavat <devang.kubavat at in.abb.com> wrote:
> I want to disable the SHA1 hash algorithm in Extension: signature algorithm
> client hello message.
> [cid:image003.jpg at 01D407C3.1A227530]
> I have used
> /* the signature algorithms list */
> const char signAlgo = "RSA+SHA256";
> (void)SSL_CTX_set1_client_sigalgs_list(ctx, signAlgo);
> But, still client is setting all algorithms. Is there any other way to set
> signature algorithm to SSL_CTX or SSL ?
> Best Regards,
More information about the openssl-users