LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    SSL_CTX_set_cipher_list

    
    
    
    

    SYNOPSIS

            #include <openssl/ssl.h>
    
            int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str);
            int SSL_set_cipher_list(SSL *ssl, const char *str);
    
    
    

    DESCRIPTION

           SSL_CTX_set_cipher_list() sets the list of available ciphers for ctx
           using the control string str. The format of the string is described in
           ciphers(1). The list of ciphers is inherited by all ssl objects created
           from ctx.
    
           SSL_set_cipher_list() sets the list of ciphers only for ssl.
    
    
    

    NOTES

           The control string str should be universally usable and not depend on
           details of the library configuration (ciphers compiled in). Thus no
           syntax checking takes place. Items that are not recognized, because the
           corresponding ciphers are not compiled in or because they are mistyped,
           are simply ignored. Failure is only flagged if no ciphers could be
           collected at all.
    
           It should be noted, that inclusion of a cipher to be used into the list
           is a necessary condition. On the client side, the inclusion into the
           list is also sufficient. On the server side, additional restrictions
           apply. All ciphers have additional requirements. ADH ciphers don't need
           a certificate, but DH-parameters must have been set. All other ciphers
           need a corresponding certificate and key.
    
           A RSA cipher can only be chosen, when a RSA certificate is available.
           RSA export ciphers with a keylength of 512 bits for the RSA key require
           a temporary 512 bit RSA key, as typically the supplied key has a length
           of 1024 bit (see SSL_CTX_set_tmp_rsa_callback(3)).  RSA ciphers using
           EDH need a certificate and key and additional DH-parameters (see
           SSL_CTX_set_tmp_dh_callback(3)).
    
           A DSA cipher can only be chosen, when a DSA certificate is available.
           DSA ciphers always use DH key exchange and therefore need DH-parameters
           (see SSL_CTX_set_tmp_dh_callback(3)).
    
           When these conditions are not met for any cipher in the list (e.g. a
           client only supports export RSA ciphers with a asymmetric key length of
           512 bits and the server is not configured to use temporary RSA keys),
           the "no shared cipher" (SSL_R_NO_SHARED_CIPHER) error is generated and
           the handshake will fail.
    
    
    

    RETURN VALUES

           SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any
           cipher could be selected and 0 on complete failure.
    
    
    

    SEE ALSO

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz