how to enable DHE ciphers on openssl for using on command line
Mark Hack
markhack at markhack.com
Wed Nov 17 14:14:30 UTC 2021
"openssl ciphers" will show you the correct names which in this case is
DHE-RSA-AES128-GCM-SHA256
On Wed, 2021-11-17 at 16:25 +0800, M K Saravanan wrote:
> Hi,
>
> Do I need to do any config to enable DHE based ciphers in openssl for
> command line usage?
>
> $ openssl s_client -cipher 'DHE_RSA_WITH_AES_128_GCM_SHA256' -connect
> 10.10.16.100:443
> Error with command: "-cipher DHE_RSA_WITH_AES_128_GCM_SHA256"
> 139775998456896:error:140E6118:SSL
> routines:ssl_cipher_process_rulestr:invalid
> command:ssl/ssl_ciph.c:1028:
>
> mksarav at ubuntu1804:~$ openssl version
> OpenSSL 1.1.1d 10 Sep 2019
>
> Non DHE ciphers are working fine with the above command option. Are
> they purposely removed for security reasons? I need to use DHE
> ciphers
> for some testing purpose. Is there anyway can I use it?
>
>
> with regards,
> Saravanan
More information about the openssl-users
mailing list