That is nice to know. Thank you! That fixed my problem.
>
> On Mon, Dec 06, 2010 at 11:36:01AM -0600, Mike Brennan wrote:
>
> > It seems that Openssl doesn't always obey the server's priority
>
> s/doesn't always obey/never by default obeys/
>
> > ordered list of ciphers (set with SSL_set_cipher_list()), even when
> > that list is syntactically correct, when the ciphers are available,
> > and when the client capabilities don't constrain the choice.
>
> By default the server respects the client's priority. If you want
> the server to pre-empt the client's preference list, try:
>
> SSL_CTX_set_options(3) or SSL_set_options(3):
>
> SSL_OP_CIPHER_SERVER_PREFERENCE
> When choosing a cipher, use the server's preferences instead of
> the client preferences. When not set, the SSL server will always
> follow the clients preferences. When set, the SSLv3/TLSv1 server
> will choose following its own preferences. Because of the differ-
> ent protocol, for SSLv2 the server will send his list of prefer-
> ences to the client and the client chooses.
>
> --
> Viktor.
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [email protected]
> Automated List Manager [email protected]
>
____ ______________________________________________
/ / / / /_/ /_
/ / / /\ /__Mike Brennan
Pittsburg State University
Pittsburg, KS 66762
[email protected]
620-235-4603 fax: 620-235-4377
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
