To enforce the server's cipher order, use SSL_CTX_set_options(ctx, SSL_CTX_get_options(ctx) | SSL_OP_CIPHER_SERVER_PREFERENCE).
https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_options.html ________________________________ Testing server preferences Has server cipher order? no (NOT ok) ... No further cipher order check has been done as order is determined by the client
