regarding ciphersuites

gopinath ethiraja Mon, 10 Mar 2008 04:46:53 -0700

when I used the s_client command

C:\OpenSSL\bin>openssl s_client -connect localhost:443
Loading 'screen' into random state - done
CONNECTED(000002D0)
depth=0 /CN=localhost
verify error:num=18:self signed certificate
verify return:1
depth=0 /CN=localhost
verify return:1
---
Certificate chain
 0 s:/CN=localhost
   i:/CN=localhost
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIBnzCCAQgCCQDKA7/Wm9ikUDANBgkqhkiG9w0BAQUFADAUMRIwEAYDVQQDEwls
b2NhbGhvc3QwHhcNMDcwOTI3MTM0OTA0WhcNMTAwNjIzMTM0OTA0WjAUMRIwEAYD
VQQDEwlsb2NhbGhvc3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANygoxq7
uVMQUYvj6SwqlN4Mnd1co6jyCjSqXiLByEy7NjFL5RZAMnsI8qjy0Uc5ALEzTuG9
jwmpgD8pJoQ20gDtLSXsA1+Cg+9tY22OHM0blF+FqL/ki2PbTrmveeuX6xAq6uF9
mb50RxzdB/pzb5Y2Wib7AE1EV3NfwE5/kdF1AgMBAAEwDQYJKoZIhvcNAQEFBQAD
gYEArIto9PhgnoDUs+BnG6UNqGbQeT0/XREqZHd7ut9sI8G4b7oSl3Kka4SRMq9B
2bI5QlVbPEQWr75T3jHm8SWYt76LNicW+Lc6IxL8XKMxNWwKYIrih/zAQFSxiNzg
UhOECxmSTUT8pjGBYrpajniOmUuqqyYpp6GTVUUBnq8tRDU=
-----END CERTIFICATE-----
subject=/CN=localhost
issuer=/CN=localhost
---
No client certificate CA names sent
---
SSL handshake has read 983 bytes and written 322 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 5A1DEBBE6ADAB8224A3AFD439E9B4245E863D05A77271E5C80F97C82245AA9C3


    Session-ID-ctx:
    Master-Key: 3571447AAC61AAC181EADB884F463C71926B158BA3465464FD42C32C53DBB8A6
5504C011C917DC2D409E7ACE467FE322
    Key-Arg   : None
    Start Time: 1205149468
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---



cipher obtained is DHE-RSA-AES256-SHA.

similarly when I created key using DSS

cipher obtained is DHE-DSS-AES256-SHA.


so how to obtain other ciphers such as

ADH-DES-CBC-SHA

EDH-DSS-DES-CBC3-SHA

EDH-DSS-DES-CBC3-SHA mutual auth

RSA-DES-CBC-SHA

RSA-DES-CBC-SHA mutual auth

thank u
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

regarding ciphersuites

Reply via email to