You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When choosing a cipher, use the server's preferences instead of the client preferences.
When not set, the SSL server will always follow the clients preferences.
When set, the SSL/TLS server will choose following its own preferences.
Use the server's preferred cipher for the API connection
When using SSL_OP_CIPHER_SERVER_PREFERENCE the server's preferred cipher
is used instead of the client preference, see
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_options.html
refs #11290
Use the server's preferred cipher for the API connection
When using SSL_OP_CIPHER_SERVER_PREFERENCE the server's preferred cipher
is used instead of the client preference, see
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_options.html
fixes #11290
Updated by mfriedrich on 2016-03-04 14:46:28 +00:00
Status changed from Resolved to Assigned
Before pushing to git master, please let us know about such changes - especially regarding compatibility with all platforms to be tested in terms of openssl.
This issue has been migrated from Redmine: https://dev.icinga.com/issues/11290
Created by tobiasvdk on 2016-03-03 12:55:29 +00:00
Assignee: tobiasvdk
Status: Resolved (closed on 2016-06-16 08:21:21 +00:00)
Target Version: 2.5.0
Last Update: 2016-06-16 08:21:21 +00:00 (in Redmine)
Enable SSL_OP_CIPHER_SERVER_PREFERENCE to use the strongest cipher suite the client offers:
Changesets
2016-03-04 07:14:03 +00:00 by (unknown) 0d06422
2016-03-04 13:57:06 +00:00 by (unknown) ce30629
Relations:
The text was updated successfully, but these errors were encountered: