Forcing ssl CIPHER

Aditya Jain
7 November 2012, 03:56
How can we force the use of a certain cipher when using SSL?

Hiawatha version: v8.6
Hugo Leisink
7 November 2012, 08:30
You can't change them via the configuration file; you have to edit src/libssl.c. But be sure you know what you are doing. The supported ciphers have been selected carefully.
Aditya Jain
7 November 2012, 08:58
I was wondering if we can force certain ciphers or block certain ciphers.
What is the minimum strength of ciphers that validate a session, just in case the client disables the most secure of them?
Hugo Leisink
7 November 2012, 11:25
All browsers can handle the ciphers that have been set in Hiawatha. There is no need to change them. They have been selected carefully, so changing them will only lower security. My advice: don't change them unless you really know what you are doing.
Aditya Jain
8 November 2012, 03:04
I was asking that just in case some client disables all good ciphers in his/her browser. In that case, what will be the cipher chosen? Or will the connection be refused?

Hugo Leisink
8 November 2012, 07:50
In that case, the connection will be refused. But why would a user disable all good ciphers?
Aditya Jain
9 November 2012, 07:16
Just in case. Maybe some malware may do that to force BEAST.
Hugo Leisink
9 November 2012, 09:55
Why would malware that is already running on your computer do that?
Aditya Jain
9 November 2012, 12:03
I was just curious if that is possible.
Hugo Leisink
9 November 2012, 12:14
When malware has full control over your computer, everything is possible.
This topic has been closed.
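
The behaviour discussed in this thread (the server only accepts suites from its own fixed list, and refuses the connection when the client offers none of them) can be modelled as follows. This is an added example, not code from the thread or from Hiawatha: the server list, the server-preference selection order and the function names are assumptions made for illustration, and the ClientHello bytes are constructed.

```python
import struct

# Assumption: a hypothetical server allow-list in preference order (IANA code
# points). This is NOT Hiawatha's list, which is defined in src/libssl.c.
SERVER_SUITES = [
    0x0039,  # TLS_DHE_RSA_WITH_AES_256_CBC_SHA
    0x0035,  # TLS_RSA_WITH_AES_256_CBC_SHA
    0x0033,  # TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    0x002F,  # TLS_RSA_WITH_AES_128_CBC_SHA
]
HANDSHAKE_FAILURE = 40  # TLS alert description, RFC 5246 section 7.2


def build_hello(suites):
    """Constructed ClientHello body (TLS 1.0, zero random, empty session id)."""
    vec = struct.pack("!%dH" % len(suites), *suites)
    return (b"\x03\x01" + bytes(32) + b"\x00"
            + struct.pack("!H", len(vec)) + vec
            + b"\x01\x00")  # one compression method: null


def offered_suites(hello):
    """Parse the cipher_suites vector out of a ClientHello body."""
    off = 2 + 32                       # client_version + random
    off += 1 + hello[off]              # session_id length byte + session_id
    (n,) = struct.unpack_from("!H", hello, off)
    off += 2
    if n % 2 or off + n > len(hello):
        raise ValueError("malformed cipher_suites vector")
    return list(struct.unpack_from("!%dH" % (n // 2), hello, off))


def negotiate(hello):
    """Pick the first server-preferred suite the client offered, else alert."""
    offered = set(offered_suites(hello))
    for suite in SERVER_SUITES:
        if suite in offered:
            return ("suite", suite)
    return ("alert", HANDSHAKE_FAILURE)


if __name__ == "__main__":
    normal = build_hello([0x0005, 0x002F, 0x0035])    # RC4-SHA plus two AES suites
    stripped = build_hello([0x0004, 0x0005, 0x0003])  # only RC4/export suites left
    print(negotiate(normal))    # ('suite', 53)
    print(negotiate(stripped))  # ('alert', 40)
```

A client whose offer has been reduced to suites outside the server's list gets a handshake failure rather than a downgraded session, so the minimum strength of any session is that of the weakest suite in the server's own list.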