Hi,
I am building an application which needs TLSv1.2 protocol. I am getting
following issues with openssl-1.0.1c version:
Issue 1: openssl command errors out
=> openssl ciphers -v 'TLSv1.2'
Error in cipher list
47767988151392:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid
command:ssl_ciph.c:1170:
=>openssl ciphers -v 'TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL'
Error in cipher list
47393772139616:error:140E6118:SSL routines:SSL_CIPHER_PROCESS_RULESTR:invalid
command:ssl_ciph.c:1170:
Issue 2: SSL_CTX_set_cipher_list function errors out
if (!SSL_CTX_set_cipher_list(SSL_context,
"TLSv1.2+HIGH:!AESGCM:!aNULL:!eNULL")) // Function return 0 on error
{
printf("Can't set cipher list\n");
}
In openssl-1.0.1e version both the issues go away. Is this a bug? Is there any
way to fix the issue without upgrading the openssl library to new version?
Sam
DISCLAIMER
==========
This e-mail may contain privileged and confidential information which is the
property of Persistent Systems Ltd. It is intended only for the use of the
individual or entity to which it is addressed. If you are not the intended
recipient, you are not authorized to read, retain, copy, print, distribute or
use this message. If you have received this communication in error, please
notify the sender and delete all copies of this message. Persistent Systems
Ltd. does not accept any liability for virus infected mails.
