Hi Hubert,
Thanks..
I tried the command you mentioned i.e.
openssl s_client -connect hostname:443 -cipher EDH </dev/null 2>/dev/null |
grep 'Server Temp Key'
But it didn't output anything.
Thanks & Regards,
Nayna Jain
From: Hubert Kario <[email protected]>
To: [email protected]
Cc: Nayna Jain/India/IBM@IBMIN, OpenSSL Users List
<[email protected]>
Date: 05/22/2015 04:28 PM
Subject: Re: [openssl-dev] What key length is used for DHE by default ?
On Friday 22 May 2015 15:41:09 Nayna Jain wrote:
> Hi,
>
> With the latest logjam attack, as I was trying to verify if my server
> (lighttpd) accepts DHE_xxx ciphers, I saw that it accepted and I didn't
> do any configuration setting done for DH parameters explicitly.
There's no default in OpenSSL, applications need to set the DH parameters
themselves.
> But I couldn't verify what is the key length did it use by default
> 512/1024/2048 ?
openssl s_client -connect hostname:443 -cipher EDH </dev/null 2>/dev/null |
grep 'Server Temp Key'
> Will the key length be different for different protocols like
> SSLv3/TLSv1.0/TLSv1.1/TLSv1.2? If yes , then what for each of them.
no, it will be the same for all protocols
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
[attachment "signature.asc" deleted by Nayna Jain/India/IBM]_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
