generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Extend the docs on setting the cipher list. Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>

Browse Source
This commit is contained in:
Richard Levitte 2000-09-19 23:10:32 +00:00
parent cb1fbf8e6a
commit dd3430a6e9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/ssl/SSL_CTX_set_cipher_list.pod
View File

@ -30,6 +30,15 @@ corresponding ciphers are not compiled in or because they are mistyped,
are simply ignored. Failure is only flagged if no ciphers could be collected are simply ignored. Failure is only flagged if no ciphers could be collected
at all. at all.
It should be noted, that inclusion of a cipher to be used into the list is
a necessary condition. On the client side, the inclusion into the list is
also sufficient. On the server side, additional restrictions apply. All ciphers
have additional requirements. ADH ciphers don't need a certificate, but
DH-parameters must have been set. All other ciphers need a corresponding
certificate and key. A RSA cipher can only be chosen, when a RSA certificate is
available, the respective is valid for DSA ciphers. Ciphers using EDH need
a certificate and key and DH-parameters.
=head1 RETURN VALUES =head1 RETURN VALUES
SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher SSL_CTX_set_cipher_list() and SSL_set_cipher_list() return 1 if any cipher