|
Hi all
I'm trying to re-add 3DES support (a temporary move, due to business requirements) to an NGINX (1.15.3) + OpenSSL (1.1.1) build via the NGINX build flag --with-openssl-opt=enable-weak-ssl-ciphers which i learnt from https://www.openssl.org/blog/blog/2016/08/24/sweet32/.
Whilst I do see some older ciphersuites being offered by NGINX after doing this, e.g. Camelia, Seed and so on, i don't see 3DES. I was expecting to be able to specifically list 3DES e.g. via DES-CBC3-SHA but that didn’t work. I have also tried adding @seclevel=0
to the ciphersuite string in NGINX but again, that didn’t work, I don’t see any 3DES ciphersuites available in NGINX.
I'm wondering whether something changed between the above article and the final version of OpenSSL 1.1.1? (I.e. Whether 3DES support was completely removed in OpenSSL 1.1.1).
Any pointers would be very much appreciated, I can’t find anything very useful on the web.
Cheers
Neil Craig
Lead Technical Architect | Online Technology Group
 Broadcast Centre, London W12 7TQ | BC4 A3
Twitter: https://twitter.com/tdp_org
|
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
