Thanks Viktor for clarification. So in case we need to use SSL_CTX_set_cipher_list(), we should use : for multiple Ciphers. and + working in old releases for same scenario can be treated as bug.. Thanks Mukesh On 26 March 2015 at 20:24, Viktor Dukhovni <openssl-users at dukhovni.org> wrote: > On Thu, Mar 26, 2015 at 07:56:38PM +0530, Mukesh Yadav wrote: > > > :~/openssl-0.9.8d_install/usr/local/bin# ./openssl ciphers > RC4-MD5+RC4-SHA > > -v > > > > RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 > > > > RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5 > > > > RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1 > > That's a bug. Between two ciphers "+" means "AND". Right after > ":" a "+" means "move to the end". No cipher is both RC4-MD5 AND > RC4-SHA. > > -- > Viktor. > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150326/c7dfa248/attachment-0001.html>
