Dňa 4. augusta 2022 15:12:27 UTC používateľ Chris Adams via mailop <mailop@mailop.org> napísal:
> >| TLSv1.2: >| ciphers: >| TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A >| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A >| TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A When i filter only ciphersuites with AES and SHA256, you can see, that all ends with GCM_SHA256. that is block cipher mode and MAC, known as AEAD, and you cannot separate them in priority string (ciphersuite) definition. If you define e.g. only -MAC-ALL:+SHA256, you disabled all GCM, which is mostly not what one want nowadays. Try to use (append/replace MAC) "+AEAD" in your priority list... regards Slavko _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
