[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Selecting TLS Cipher problem



--On Monday, March 24, 2008 12:44 PM -0600 Philip Guenther <guenther+ldapsoft@sendmail.com> wrote:

On Mon, 24 Mar 2008, Pat Riehecky wrote:
I am trying to limit the cipher list for TLS negotiations, but I don't
seem to be able to do this.....
...
TLS: could not set cipher list !ALL:HIGH:+SSLv3:+TLSv1:MEDIUM:+SSLv2:!
aNULL:!NULL:+SHA:+MD5.
main: TLS init def ctx failed: -1

You can test your cipher list expression by passing it to the "openssl ciphers" command:

$ openssl ciphers -v

I'd note that Debian links against GnuTLS, not OpenSSL, and some of the cipher names are different.


--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration