On 12/14/2015 9:12 PM, Indtiny S wrote:
> I need to configure the cCURL client to specifically use the cipher
> TLS_RSA_WITH_AES_256_CBC_SHA256. so I used the below curl option
>
> curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST,
> "TLS_RSA_WITH_AES_256_CBC_SHA256");
> Code Compiles properly but I get the below error during handshake,
>
> * Connected to 192.168.52.107 (192.168.52.107) port 8888 (#0)
> * failed setting cipher list: TLS_RSA_WITH_AES_256_CBC_SHA256
> * Closing connection 0
> 201: failed setting cipher list: TLS_RSA_WITH_AES_256_CBC_SHA256
> Curl Easy perform() failed: Couldn't use specified SSL cipher
> error59
> But if I comment this option request goes fine, but the Client Hello
> Includes all the chipers list .
>
> Since I know the cipher at the server and the one I want to use, How
> to configure the curl so that it can start a handshake with that
> cipher only?
>
> Am running my client on Ubuntu PC.
>

There's no universal cipher notation iirc, it depends on the SSL
backend. Check curl -V to see what it's using. If it's OpenSSL the
cipher short name for TLS_RSA_WITH_AES_256_CBC_SHA256 is AES256-SHA256.
None of this says anything about whether your server supports it though.
Example:
curl --ciphers AES256-SHA256 https://test.com

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2015-12-15