On Fri, Nov 29, 2013 at 01:43:11PM +0100, Kurt Roeckx wrote: > As far as I know, NSS does not have any ciphers with SHA-2 other > than GCM, and so I think what you want is not currently possible > with NSS.
It seems that some are implemented, but at least firefox with the latest version doesn't have any such enabled. You might need to do something to get them enabled. It seems there is at least support for those non-GCM ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto