Hello, We are using executable 'apps/openssl' in our test cases. We upgraded from OpenSSL 1.0.1l to OpenSSL 1.0.2a recently. Since then one of our test cases started to fail. After checking, I noticed that the default cipher of 'openssl' was changed from ECDHE-RSA-AES256-SHA to DHE-RSA-AES256-SHA in OpenSSL 1.0.2. The related description in OpenSSL 1.0.2 change log is as follows. 474 *) Support for automatic EC temporary key parameter selection. If enabled 475 the most preferred EC parameters are automatically used instead of 476 hardcoded fixed parameters. Now a server just has to call: 477 SSL_CTX_set_ecdh_auto(ctx, 1) and the server will automatically 478 support ECDH and use the most appropriate parameters. 479 [Steve Henson] My question is how to enable automatic EC temporary key parameter selection? Is it possible to change the default cipher back to ECDHE-RSA-AES256-SHA? Thanks, Aaron -- View this message in context: http://openssl.6102.n7.nabble.com/The-default-cipher-of-executable-openssl-tp58557.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
