Skip to content

Master PKI - OpenSSL Ciphers⚓︎

OpenSSL Ciphers⚓︎

openssl supports listing ciphers, by suite, as well as testing connections to remote servers using a specific cipher.

Displaying⚓︎

Bash
1
2
3
4
5
# list all supported openssl ciphers, excluding null ciphers
openssl ciphers -v 'ALL:eNULL'

# listing a set of ciphers, based on include and exclude
openssl ciphers -v 'ALL:!eNULL:!aNULL:!RSA'

Testing a Remote Server⚓︎

Bash
1
2
3
4
5
# test a connection to ciphersuite.info with a cipher that likely doesn't work
echo '' | openssl s_client -cipher 'NULL-MD5' -connect ciphersuite.info:443

# testing with a cipher that does work as of 2023
echo '' | openssl s_client -cipher 'ECDHE-RSA-AES256-SHA' -connect ciphersuite.info:443

Source⚓︎