Re: how to enable DHE ciphers on openssl for using on command line

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 17/11/2021 08:25, M K Saravanan wrote:

Hi,

Do I need to do any config to enable DHE based ciphers in openssl for
command line usage?

$ openssl s_client -cipher 'DHE_RSA_WITH_AES_128_GCM_SHA256' -connect
10.10.16.100:443
You have the wrong name for this ciphersuite. OpenSSL uses its own naming scheme. The mapping between the names you will see in the specification and OpenSSL names are on this page: 

https://www.openssl.org/docs/man1.1.1/man1/ciphers.html
The OpenSSL name for this particular ciphersuite is "DHE-RSA-AES128-GCM-SHA256" 

Matt




Error with command: "-cipher DHE_RSA_WITH_AES_128_GCM_SHA256"
139775998456896:error:140E6118:SSL
routines:ssl_cipher_process_rulestr:invalid
command:ssl/ssl_ciph.c:1028:

mksarav@ubuntu1804:~$ openssl version
OpenSSL 1.1.1d  10 Sep 2019

Non DHE ciphers are working fine with the above command option.  Are
they purposely removed for security reasons? I need to use DHE ciphers
for some testing purpose. Is there anyway can I use it?


with regards,
Saravanan
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux