On Wed, Jan 23, 2013 at 1:20 PM, Smith, Russell (Shane), Contractor <russell.s.smith....@sofsa.mil> wrote: > I am looking for a way to disable weak ciphers in openssl. > I have a legacy program that uses the "default" SSL ciphers and is not > configurable like apache and httpd.conf etc. > Is there any way I can change the actual openssl configuration on my > server > So that only selected ciphers and protocols are available? The program is legacy. Is the library being used as a shared object?
Is so, you can configure the library with -no-sslv2, -no-sslv3, etc. It can be used to remove weak/wounded/broken ciphers and protocols. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
