"openssl ciphers" will show you the correct names which in this case is DHE-RSA-AES128-GCM-SHA256 On Wed, 2021-11-17 at 16:25 +0800, M K Saravanan wrote: > Hi, > > Do I need to do any config to enable DHE based ciphers in openssl for > command line usage? > > $ openssl s_client -cipher 'DHE_RSA_WITH_AES_128_GCM_SHA256' -connect > 10.10.16.100:443 > Error with command: "-cipher DHE_RSA_WITH_AES_128_GCM_SHA256" > 139775998456896:error:140E6118:SSL > routines:ssl_cipher_process_rulestr:invalid > command:ssl/ssl_ciph.c:1028: > > mksarav@ubuntu1804:~$ openssl version > OpenSSL 1.1.1d 10 Sep 2019 > > Non DHE ciphers are working fine with the above command option. Are > they purposely removed for security reasons? I need to use DHE > ciphers > for some testing purpose. Is there anyway can I use it? > > > with regards, > Saravanan
