enabling null cipher

Matt Caswell matt at openssl.org
Thu Aug 27 08:38:55 UTC 2020

This should do it:

openssl s_server -cert /path/to/cert -key /path/to/key -cipher
eNULL at SECLEVEL=0 -no_tls1_3

>From the client side:

openssl s_client -cipher eNULL at SECLEVEL=0


On 27/08/2020 05:32, vishwas k.n. wrote:
> Hello All,
> Could someone please let me know what is the right way to enable
> null-ciphers in openssl. I want to do some performance evaluations with
> openssl and as a part of the exercise, want to tabulate performance with
> null encryption ciphers too.
> Want to get this working with openssl s_server to begin with.
> I have come across various answers where people have suggested:
> 1. specify the cipher list using SSL_CTX_set_cipher_list with cipher
> list being only eNULL.
> 2. SSL_CTX_set_security_level with level=0.
> Have tried doing this from the client side but to no avail.
> On the server side, I have added -cipher "COMPLEMENTOFALL" to s_server
> to add the null ciphers.
> Is there a config option that needs to be enabled or a code change to go
> with ?
> thanks,
> -vishwas.

More information about the openssl-users mailing list