The OpenSSL 1.1.1 ciphers manpage claims that some non-ephemeral DH
ciphers are supported:
TLS1.0:
DH-RSA-AES128-SHA
DH-RSA-AES256-SHA
TLS1.2:
DH-RSA-AES128-SHA256
DH-RSA-AES256-SHA256
DH-RSA-AES128-GCM-SHA256
DH-RSA-AES256-GCM-SHA256
However, I am unable to see them with openssl ciphers command
> openssl ciphers -v -s DH
All I see are DHE ciphers. DH is needed for compatibility with legacy
servers.
Are these only enabled via a compile time option? Or is the
documentation incorrect?
Regards,
Rich
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
