Autor: Daniel Tiefnig Data: Para: exim-dev Assunto: Re: [exim-dev] Preliminary testing of a new Exim test suite
Philip Hazel wrote: > On Tue, 29 Nov 2005, Daniel Tiefnig wrote:
>> For me, with openssl 0.9.8, it says:
>>
>> tiefnig@orion:~$ openssl s_client -cipher RSA-AES256
>> error setting cipher list
>
> I think that definitely points to a problem of some sort with 0.9.8,
> because with 0.9.7e I get:
>
> $ openssl s_client -cipher RSA-AES256
> connect: Connection refused
Hmm, this may be a "feature" of your OpenSSL installation, an other
0.9.7e doesn't do that. (According to a short discussion on
openssl-users.) As one may enable and disable specific ciphers at
compilation time, this sure does vary. According to this, it would be
the safest thing to reduce requirements to an absolute minimum. Like
require just AES encoding on the server and disable it in the client:
{AES}{!AES:3DES}}
Should do the trick quite everywhere, shouldn't it?