DH group cipher suites getting rejected

Chitrang Srivastava chitrang.srivastava at gmail.com
Wed Sep 18 09:03:03 UTC 2019


Why google rejected DH ciphers suites, I am trying
*openssl s_client -cipher 'DHE-RSA-AES128-GCM-SHA256' -connect
www.google.com:443 <http://www.google.com:443>*
However if I try ECDHE, it works fine. Is DHE only cipher suites less
common now ?
I believe its responsibility of server to generate DHparam of large enough

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190918/06e01afb/attachment.html>

More information about the openssl-users mailing list