[stunnel-users] How to enable weak ciphers in stunnel

Swonk, Glenn Glenn.Swonk at tais.toshiba.com
Fri Nov 14 19:23:43 CET 2014


 

 

When I run stunnel, I would like to enable the weaker ciphers and
protocols (SSLv3) for testing purposes.

However, adding options to the stunnel.conf file doesn't seem to return
new ciphers during the negotiation (using sslscan to generate the
report).

 

I have look through the documentation and it doesn't seem to address
these options very well.

 

Thanks,

glenn

 

 

options = SSLv2

;;ciphers = DH+AES

 

;;ciphers = HIGH:LOW

;;ciphers = HIGH:MEDIUM

ciphers = ALL

 

 

Supported Server Cipher(s):

   Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA

   Accepted  TLSv1  256 bits  AES256-SHA

   Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA

   Accepted  TLSv1  128 bits  AES128-SHA

   Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA

   Accepted  TLSv1   56 bits  EDH-RSA-DES-CBC-SHA

   Accepted  TLSv1  168 bits  DES-CBC3-SHA

   Accepted  TLSv1   56 bits  DES-CBC-SHA

   Accepted  TLSv1  128 bits  IDEA-CBC-SHA

   Accepted  TLSv1  128 bits  RC4-SHA

   Accepted  TLSv1  128 bits  RC4-MD5

 

Prefered Server Cipher(s):

   TLSv1  256 bits  DHE-RSA-AES256-SHA

 



________________________________
This message may contain confidential information.  If you are not the intended recipient of this e-mail, do not disseminate, distribute or copy this e-mail and delete this e-mail from your system.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20141114/587c904d/attachment.html>


More information about the stunnel-users mailing list