> On Aug 22, 2018, at 1:56 PM, Qi Zeng <qzeng@xxxxxxxx> wrote: > > I’m trying to use NULL cipher such as ECDHE-ECDSA-NULL-SHA for debugging purpose. With OpenSSL version 1.0.2p, I was able to make it work. However with version 1.1.0i or 1.1.1 prev 9, SSL_CTX_set_cipher_list(ctx, "ECDHE-ECDSA-NULL-SHA") succeeded but SSL_Connect () failed. Is there any way to enable NULL ciphers with version 1.1.0i or later? Yes, you need to use: "ECDHE-ECDSA-NULL-SHA:@SECLEVEL=0" at present there are no separate controls to distinguish between the authentication security level and the encryption security level, so this also removes floors on the keys used in the certificates, but for debugging that should not be an obstacle... -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
