On 18/02/18 03:10, Amos Jeffries wrote: > > On 18/02/18 02:39, chiasa.men wrote: >> >> I could solve the "no ciphers available" by appending >> "TLS13-AES-256-GCM-SHA384" to the ciphers. >> >> But the log shows the use of "ECDHE-ECDSA-AES256-GCM-SHA384" >> >> Why is that cipher relevant if its not used? >> > > The squid.conf cipher= are just strings passed to the OpenSSL library to > interpret. > > It is probably that "TLS13-AES-256-GCM-SHA384" is what your new library > calls "ECDHE-ECDSA-AES256-GCM-SHA384". >
This seems to confirm the change: <https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/> "The new ciphersuites are defined differently and do not specify the certificate type (e.g. RSA, DSA, ECDSA) or the key exchange mechanism (e.g. DHE or ECHDE). This has implications for ciphersuite configuration." Amos _______________________________________________ squid-users mailing list [email protected] http://lists.squid-cache.org/listinfo/squid-users
