I work for Cisco and have a quick openssl-0.9.8o question. Does openssl-0.9.8o provide a option to disable weak SSL ciphers?
I am looking for a configuration option or a runtime tool/option. If these are not available, is there a compilation option? I found the following potentially useful define in ssl/ssl.h and include/openssl/ssl.h: #define SSL_DEFAULT_CIPHER_LIST "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" /* low priority for RC4 */ I would prefer not to have to modify the openssl code to take care of this. Thanks, Robert
