Hello,

We have an OpenSSL application in which the client calls SSL_connect() to connect to the server. We upgraded the OpenSSL used in our application from 1.0.1l to 1.0.2a recently.

When OpenSSL 1.0.1l was used, the ciphersuite the client got was ECDHE_RSA_WITH_AES_256_CBC_SHA. When OpenSSL 1.0.1a is used, we notice that the ciphersuite the client gets has become DHE_RSA_WITH_AES_256_CBC_SHA.

I traced the OpenSSL 1.0.2a source code. Here is the stack trace.

    ssl_get_cipher_by_char()
    ssl3_get_server_hello()
    ssl3_connect()
    SSL_connect()
    ssl23_get_server_hello()
    ssl23_connect()
    SSL_connect()

I noticed that in routine ssl_get_cipher_by_char() the internal cipher name it gets is DHE_RSA_AES256_SHA, which should correspond to DHE_RSA_WITH_AES_256_CBC_SHA.

My question is whether this behavior change is expected.

Thanks in advance,
Aaron

--
View this message in context: http://openssl.6102.n7.nabble.com/Default-ciphersuite-has-changed-from-1-0-1l-to-1-0-2a-tp57937.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.