Thanks, both of you. Unfortunately I see that I wasn't precise enough as to what the problem was.
I know how to use SSL_CTX_set_cipher_list. The problem is that the second parameter, the cipher list (char*), doesn't accept explicit ciphers (as for example "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"), only classes of ciphers (as for example "RSA", "DSS", etc). So I need a way to state this cipher explicitly. Most probably I need to use some other function, or maybe there is some undocumented way to write a cipher(1) string to except only one cipher. Can anyone help on either of the two approaches? -Johannes >===== Original Message From "Greaney, Kevin" <[EMAIL PROTECTED]> ===== >Hi, > I would start at the following page in the documentation: > > http://www.openssl.org/docs/ssl/SSL_get_ciphers.html > >It not only gives you the details for get_ciphers, but it also >provides link to the related APIs. > >Kevin. > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of kankedu >Sent: Thursday, November 11, 2004 4:55 AM >To: openssl-users >Subject: cipher list > >Hi, > >I want to tell my client to only use certain ciphers, and I have found >just >the funtion for doing so: > > SSL_CTX_set_cipher_list(*ctx, "RSA"); > >However, this doesn't give me good enough control on exactly which >ciphers to >use, only classes. E.g. I cannot write >"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA" as >a second argument to ONLY use that cipher. Does anyone know another way >to >solve this problem? Otherwise I'll put it down as a feature request, I >guess. > >Thanks, > >Johannes > >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] >______________________________________________________________________ >OpenSSL Project http://www.openssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
