Re: how to disable weak SSL ciphers?

2010-08-02 Thread aerowolf
You need "!aNULL:!eNULL:!LOW:!SSLv2:!EXPORT:!EXPORT56:FIPS:MEDIUM:HIGH:@STRENGTH" as the argument to SSL_CTX_set_cipher_list(). You can't get rid of MD5, as *everything* requires it. If you get rid of it, TLS v1.0 won't work, SSLv3 won't work, and I don't even know about the TLS v1.1 stuff t

OpenSSL 0.9.8o compile error with no-comp option

2010-08-02 Thread Jeff Davey
Using ./config no-comp I get a symbol not found:
lib/openssl/scons-lib/libcrypto.a(err_all.o): In function `ERR_load_crypto_strings':
err_all.c:(.text+0x8f): undefined reference to `ERR_load_COMP_strings'
collect2: ld returned 1 exit status
Here's a patch to fix it:
--- openssl-0.9.8o/crypto/err/

Re: how to disable weak SSL ciphers?

2010-08-02 Thread Patrick Patterson
On July 30, 2010 10:21:06 pm Robert Feldman -X (robfeldm - Protingent Staffing at Cisco) wrote:
> Nessus and "openssl ciphers -v 'ALL:eNULL'" detect the following weak
> SSL ciphers on my test server:
>
> NULL-SHA SSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1
>
> NULL-MD

[openssl-dev] Engine support for enabling Intel Atom Security (SEP) processor

2010-08-02 Thread Johnson, Donald K
Hello, I am starting to work on development of an openssl engine to enable access to the security processor, for Intel Atom chipsets. Is this the right forum for asking design questions, and submitting patches? Thank you, Don Johnson Ultra-Mobility Group Intel Corporation Office: 503-712-9898 do

Building openssl without RSA,DSA,DH errors - bug?

2010-08-02 Thread Markus Hofer
Hi, I already mentioned this in the openssl-users mailing list. Is it possible to build openssl without RSA, DSA and DH support? Doing so I got errors like ./config --prefix=/home_vie/mhofer/tmp_opensslscratch --openssldir=/home_vie/mhofer/tmp_opensslscratch/openssl no-threads no-zlib no-shared