CIPHERS(1)                          OpenSSL                         CIPHERS(1)

NAME

       ciphers - SSL cipher display and cipher list tool.

SYNOPSIS

       openssl ciphers [-v] [-V] [-ssl2] [-ssl3] [-tls1] [cipherlist]

DESCRIPTION

       The ciphers command converts textual OpenSSL cipher lists into ordered
       SSL cipher preference lists. It can be used as a test tool to determine
       the appropriate cipherlist.

COMMAND OPTIONS

       -v  Verbose option. List ciphers with a complete description of
           protocol version (SSLv2 or SSLv3; the latter includes TLS), key
           exchange, authentication, encryption and mac algorithms used along
           with any key size restrictions and whether the algorithm is classed
           as an "export" cipher.  Note that without the -v option, ciphers
           may seem to appear twice in a cipher list; this is when similar
           ciphers are available for SSL v2 and for SSL v3/TLS v1.

       -V  Like -v, but include cipher suite codes in output (hex format).

       -ssl3
           only include SSL v3 ciphers.

       -ssl2
           only include SSL v2 ciphers.

       -tls1
           only include TLS v1 ciphers.

       -h, -?
           print a brief usage message.

       cipherlist
           a cipher list to convert to a cipher preference list. If it is not
           included then the default cipher list will be used. The format is
           described below.

CIPHER LIST FORMAT

       The cipher list consists of one or more cipher strings separated by
       colons.  Commas or spaces are also acceptable separators but colons are
       normally used.

       The actual cipher string can take several different forms.

       It can consist of a single cipher suite such as RC4-SHA.

       It can represent a list of cipher suites containing a certain
       algorithm, or cipher suites of a certain type. For example SHA1
       represents all cipher suites using the digest algorithm SHA1 and SSLv3
       represents all SSL v3 algorithms.

       Lists of cipher suites can be combined in a single cipher string using
       the + character. This is used as a logical AND operation. For example
       SHA1+DES represents all cipher suites containing the SHA1 and the DES
       algorithms.

       Each cipher string can be optionally preceded by the characters !, - or
       +.

       If ! is used then the ciphers are permanently deleted from the list.
       The ciphers deleted can never reappear in the list even if they are
       explicitly stated.

       If - is used then the ciphers are deleted from the list, but some or
       all of the ciphers can be added again by later options.

       If + is used then the ciphers are moved to the end of the list. This
       option doesn't add any new ciphers; it just moves matching existing
       ones.

       If none of these characters is present then the string is just
       interpreted as a list of ciphers to be appended to the current
       preference list. If the list includes any ciphers already present they
       will be ignored: that is, they will not be moved to the end of the list.

       Additionally the cipher string @STRENGTH can be used at any point to
       sort the current cipher list in order of encryption algorithm key
       length.
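
       The rules above can be traced with a small model. The following Python
       sketch is an added example, not OpenSSL code: it applies !, -, +, bare
       strings and @STRENGTH to a constructed nine-suite catalogue. Suite names
       and keywords are taken from this page; the catalogue order, the tag sets
       and the helper names selects, evaluate and audit are assumptions.

```python
import re

# Constructed mini-catalogue (not OpenSSL's real table): name, key bits, keywords.
# Suite names and keywords are taken from this page; list order stands in for
# the built-in preference order and is an assumption.
RSA = {"RSA", "kRSA", "aRSA"}
EDH = {"EDH", "kEDH", "DH", "aRSA"}
ADH = {"ADH", "kEDH", "DH", "aNULL"}
CATALOGUE = [
    ("AES256-SHA",           256, RSA | {"AES", "AES256", "SHA1", "HIGH"}),
    ("DHE-RSA-AES128-SHA",   128, EDH | {"AES", "AES128", "SHA1", "HIGH"}),
    ("DES-CBC3-SHA",         168, RSA | {"3DES", "SHA1", "HIGH"}),
    ("EDH-RSA-DES-CBC3-SHA", 168, EDH | {"3DES", "SHA1", "HIGH"}),
    ("RC4-SHA",              128, RSA | {"RC4", "SHA1", "MEDIUM"}),
    ("ADH-AES128-SHA",       128, ADH | {"AES", "AES128", "SHA1", "HIGH"}),
    ("ADH-RC4-MD5",          128, ADH | {"RC4", "MD5", "MEDIUM"}),
    ("EXP-RC4-MD5",           40, RSA | {"RC4", "MD5", "EXP", "EXPORT", "EXPORT40"}),
    ("NULL-SHA",               0, RSA | {"eNULL", "NULL", "SHA1"}),
]
BITS = {name: bits for name, bits, _ in CATALOGUE}
TAGS = {name: tags for name, _, tags in CATALOGUE}
RISKY = {"aNULL", "eNULL", "EXPORT", "LOW"}  # keywords a hardened list should not admit


def selects(term, name, tags):
    """True if every '+'-joined word of the term matches the suite (logical AND)."""
    def one(word):
        if word == "ALL":                      # ALL never includes the eNULL suites
            return "eNULL" not in tags
        return word == name or word in tags
    return all(one(word) for word in term.split("+"))


def evaluate(cipherlist):
    """Return the ordered preference list produced by a cipher list string."""
    active, killed = [], set()
    for item in filter(None, re.split(r"[:, ]+", cipherlist)):
        if item == "@STRENGTH":
            active.sort(key=lambda n: -BITS[n])  # stable: ties keep their order
            continue
        op, term = (item[0], item[1:]) if item[0] in "!-+" else ("", item)
        hit = [n for n, _, tags in CATALOGUE if selects(term, n, tags)]
        kept = [n for n in active if n not in hit]
        if op == "!":                          # permanent: can never be re-added
            killed.update(hit)
            active = kept
        elif op == "-":                        # removed, but a later string may re-add
            active = kept
        elif op == "+":                        # move existing matches to the end
            active = kept + [n for n in active if n in hit]
        else:                                  # append; suites already present stay put
            active += [n for n in hit if n not in active and n not in killed]
    return active


def audit(cipherlist):
    """Suites the cipher list still admits that lack authentication,
    lack encryption, or are export/low grade."""
    return [n for n in evaluate(cipherlist) if TAGS[n] & RISKY]


if __name__ == "__main__":
    for spec in ("3DES:+RSA", "ALL:!ADH:ADH", "ALL:-ADH:ADH", "RC4:AES:@STRENGTH"):
        print(f"{spec:22} -> {evaluate(spec)}")
    print("still risky in 'ALL:-aNULL:!EXPORT:ADH':", audit("ALL:-aNULL:!EXPORT:ADH"))
```

       The last call shows why hardening rules use ! rather than -: a later
       string in the same list can re-add suites that were only removed with -.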

CIPHER STRINGS

       The following is a list of all permitted cipher strings and their
       meanings.

       DEFAULT
           the default cipher list. This is determined at compile time and, as
           of OpenSSL 1.0.0, is normally ALL:!aNULL:!eNULL. This must be the
           first cipher string specified.

       COMPLEMENTOFDEFAULT
           the ciphers included in ALL, but not enabled by default. Currently
           this is ADH and AECDH. Note that this rule does not cover eNULL,
           which is not included by ALL (use COMPLEMENTOFALL if necessary).

       ALL all cipher suites except the eNULL ciphers which must be explicitly
           enabled; as of OpenSSL, the ALL cipher suites are reasonably
           ordered by default

       COMPLEMENTOFALL
           the cipher suites not enabled by ALL, currently being eNULL.

       HIGH
           "high" encryption cipher suites. This currently means those with
           key lengths larger than 128 bits, and some cipher suites with
           128-bit keys.

       MEDIUM
           "medium" encryption cipher suites, currently some of those using
           128 bit encryption.

       LOW "low" encryption cipher suites, currently those using 64 or 56 bit
           encryption algorithms but excluding export cipher suites.

       EXP, EXPORT
           export encryption algorithms, including 40 and 56 bit algorithms.

       EXPORT40
           40 bit export encryption algorithms

       EXPORT56
           56 bit export encryption algorithms. In OpenSSL 0.9.8c and later
           the set of 56 bit export ciphers is empty unless OpenSSL has been
           explicitly configured with support for experimental ciphers.

       eNULL, NULL
           the "NULL" ciphers, that is, those offering no encryption. Because
           these offer no encryption at all and are a security risk they are
           disabled unless explicitly included.

       aNULL
           the cipher suites offering no authentication. This is currently the
           anonymous DH algorithms and anonymous ECDH algorithms. These cipher
           suites are vulnerable to a "man in the middle" attack and so their
           use is normally discouraged.

       kRSA, RSA
           cipher suites using RSA key exchange.

       kDHr, kDHd, kDH
           cipher suites using DH key agreement and DH certificates signed by
           CAs with RSA and DSS keys or either respectively. Not implemented.

       kEDH
           cipher suites using ephemeral DH key agreement, including anonymous
           cipher suites.

       EDH cipher suites using authenticated ephemeral DH key agreement.

       ADH anonymous DH cipher suites, note that this does not include
           anonymous Elliptic Curve DH (ECDH) cipher suites.

       DH  cipher suites using DH, including anonymous DH, ephemeral DH and
           fixed DH.

       kECDHr, kECDHe, kECDH
           cipher suites using fixed ECDH key agreement signed by CAs with RSA
           and ECDSA keys or either respectively.

       kEECDH
           cipher suites using ephemeral ECDH key agreement, including
           anonymous cipher suites.

       EECDH
           cipher suites using authenticated ephemeral ECDH key agreement.

       AECDH
           anonymous Elliptic Curve Diffie Hellman cipher suites.

       ECDH
           cipher suites using ECDH key exchange, including anonymous,
           ephemeral and fixed ECDH.

       aRSA
           cipher suites using RSA authentication, i.e. the certificates carry
           RSA keys.

       aDSS, DSS
           cipher suites using DSS authentication, i.e. the certificates carry
           DSS keys.

       aDH cipher suites effectively using DH authentication, i.e. the
           certificates carry DH keys.  Not implemented.

       aECDH
           cipher suites effectively using ECDH authentication, i.e. the
           certificates carry ECDH keys.

       aECDSA, ECDSA
           cipher suites using ECDSA authentication, i.e. the certificates
           carry ECDSA keys.

       kFZA, aFZA, eFZA, FZA
           cipher suites using FORTEZZA key exchange, authentication,
           encryption or all FORTEZZA algorithms. Not implemented.

       TLSv1.2, TLSv1, SSLv3, SSLv2
           TLS v1.2, TLS v1.0, SSL v3.0 or SSL v2.0 cipher suites
           respectively. Note: there are no ciphersuites specific to TLS v1.1.

       AES128, AES256, AES
           cipher suites using 128 bit AES, 256 bit AES or either 128 or 256
           bit AES.

       AESGCM
           AES in Galois Counter Mode (GCM): these ciphersuites are only
           supported in TLS v1.2.

       CAMELLIA128, CAMELLIA256, CAMELLIA
           cipher suites using 128 bit CAMELLIA, 256 bit CAMELLIA or either
           128 or 256 bit CAMELLIA.

       3DES
           cipher suites using triple DES.

       DES cipher suites using DES (not triple DES).

       RC4 cipher suites using RC4.

       RC2 cipher suites using RC2.

       IDEA
           cipher suites using IDEA.

       SEED
           cipher suites using SEED.

       MD5 cipher suites using MD5.

       SHA1, SHA
           cipher suites using SHA1.

       SHA256, SHA384
           ciphersuites using SHA256 or SHA384.

       aGOST
           cipher suites using GOST R 34.10 (either 2001 or 94) for
           authentication (needs an engine supporting GOST algorithms).

       aGOST01
           cipher suites using GOST R 34.10-2001 authentication.

       aGOST94
           cipher suites using GOST R 34.10-94 authentication (note that the R
           34.10-94 standard has expired, so use GOST R 34.10-2001)

       kGOST
           cipher suites using VKO 34.10 key exchange, specified in RFC
           4357.

       GOST94
           cipher suites using HMAC based on GOST R 34.11-94.

       GOST89MAC
           cipher suites using GOST 28147-89 MAC instead of HMAC.

       PSK cipher suites using pre-shared keys (PSK).

CIPHER SUITE NAMES

       The following lists give the SSL or TLS cipher suites names from the
       relevant specification and their OpenSSL equivalents. It should be
       noted that several cipher suite names do not include the
       authentication used, e.g. DES-CBC3-SHA. In these cases, RSA
       authentication is used.

   SSL v3.0 cipher suites.
        SSL_RSA_WITH_NULL_MD5                   NULL-MD5
        SSL_RSA_WITH_NULL_SHA                   NULL-SHA
        SSL_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
        SSL_RSA_WITH_RC4_128_MD5                RC4-MD5
        SSL_RSA_WITH_RC4_128_SHA                RC4-SHA
        SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
        SSL_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
        SSL_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
        SSL_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
        SSL_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA

        SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
        SSL_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
        SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
        SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
        SSL_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
        SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
        SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
        SSL_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-DES-CBC-SHA
        SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
        SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
        SSL_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
        SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA

        SSL_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
        SSL_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
        SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
        SSL_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
        SSL_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA

        SSL_FORTEZZA_KEA_WITH_NULL_SHA          Not implemented.
        SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA  Not implemented.
        SSL_FORTEZZA_KEA_WITH_RC4_128_SHA       Not implemented.

   TLS v1.0 cipher suites.
        TLS_RSA_WITH_NULL_MD5                   NULL-MD5
        TLS_RSA_WITH_NULL_SHA                   NULL-SHA
        TLS_RSA_EXPORT_WITH_RC4_40_MD5          EXP-RC4-MD5
        TLS_RSA_WITH_RC4_128_MD5                RC4-MD5
        TLS_RSA_WITH_RC4_128_SHA                RC4-SHA
        TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5      EXP-RC2-CBC-MD5
        TLS_RSA_WITH_IDEA_CBC_SHA               IDEA-CBC-SHA
        TLS_RSA_EXPORT_WITH_DES40_CBC_SHA       EXP-DES-CBC-SHA
        TLS_RSA_WITH_DES_CBC_SHA                DES-CBC-SHA
        TLS_RSA_WITH_3DES_EDE_CBC_SHA           DES-CBC3-SHA

        TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
        TLS_DH_DSS_WITH_DES_CBC_SHA             Not implemented.
        TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA        Not implemented.
        TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA    Not implemented.
        TLS_DH_RSA_WITH_DES_CBC_SHA             Not implemented.
        TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA        Not implemented.
        TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-DSS-DES-CBC-SHA
        TLS_DHE_DSS_WITH_DES_CBC_SHA            EDH-DSS-DES-CBC-SHA
        TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA       EDH-DSS-DES-CBC3-SHA
        TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA   EXP-EDH-RSA-DES-CBC-SHA
        TLS_DHE_RSA_WITH_DES_CBC_SHA            EDH-RSA-DES-CBC-SHA
        TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA       EDH-RSA-DES-CBC3-SHA

        TLS_DH_anon_EXPORT_WITH_RC4_40_MD5      EXP-ADH-RC4-MD5
        TLS_DH_anon_WITH_RC4_128_MD5            ADH-RC4-MD5
        TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA   EXP-ADH-DES-CBC-SHA
        TLS_DH_anon_WITH_DES_CBC_SHA            ADH-DES-CBC-SHA
        TLS_DH_anon_WITH_3DES_EDE_CBC_SHA       ADH-DES-CBC3-SHA

   AES ciphersuites from RFC3268, extending TLS v1.0
        TLS_RSA_WITH_AES_128_CBC_SHA            AES128-SHA
        TLS_RSA_WITH_AES_256_CBC_SHA            AES256-SHA

        TLS_DH_DSS_WITH_AES_128_CBC_SHA         Not implemented.
        TLS_DH_DSS_WITH_AES_256_CBC_SHA         Not implemented.
        TLS_DH_RSA_WITH_AES_128_CBC_SHA         Not implemented.
        TLS_DH_RSA_WITH_AES_256_CBC_SHA         Not implemented.

        TLS_DHE_DSS_WITH_AES_128_CBC_SHA        DHE-DSS-AES128-SHA
        TLS_DHE_DSS_WITH_AES_256_CBC_SHA        DHE-DSS-AES256-SHA
        TLS_DHE_RSA_WITH_AES_128_CBC_SHA        DHE-RSA-AES128-SHA
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA        DHE-RSA-AES256-SHA

        TLS_DH_anon_WITH_AES_128_CBC_SHA        ADH-AES128-SHA
        TLS_DH_anon_WITH_AES_256_CBC_SHA        ADH-AES256-SHA

   Camellia ciphersuites from RFC4132, extending TLS v1.0
        TLS_RSA_WITH_CAMELLIA_128_CBC_SHA      CAMELLIA128-SHA
        TLS_RSA_WITH_CAMELLIA_256_CBC_SHA      CAMELLIA256-SHA

        TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA   Not implemented.
        TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA   Not implemented.
        TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA   Not implemented.
        TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA   Not implemented.

        TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA  DHE-DSS-CAMELLIA128-SHA
        TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA  DHE-DSS-CAMELLIA256-SHA
        TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA  DHE-RSA-CAMELLIA128-SHA
        TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA  DHE-RSA-CAMELLIA256-SHA

        TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA  ADH-CAMELLIA128-SHA
        TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA  ADH-CAMELLIA256-SHA

   SEED ciphersuites from RFC4162, extending TLS v1.0
        TLS_RSA_WITH_SEED_CBC_SHA              SEED-SHA

        TLS_DH_DSS_WITH_SEED_CBC_SHA           Not implemented.
        TLS_DH_RSA_WITH_SEED_CBC_SHA           Not implemented.

        TLS_DHE_DSS_WITH_SEED_CBC_SHA          DHE-DSS-SEED-SHA
        TLS_DHE_RSA_WITH_SEED_CBC_SHA          DHE-RSA-SEED-SHA

        TLS_DH_anon_WITH_SEED_CBC_SHA          ADH-SEED-SHA

   GOST ciphersuites from draft-chudov-cryptopro-cptls, extending TLS v1.0
       Note: these ciphers require an engine that includes GOST
       cryptographic algorithms, such as the ccgost engine, included in the
       OpenSSL distribution.

        TLS_GOSTR341094_WITH_28147_CNT_IMIT GOST94-GOST89-GOST89
        TLS_GOSTR341001_WITH_28147_CNT_IMIT GOST2001-GOST89-GOST89
        TLS_GOSTR341094_WITH_NULL_GOSTR3411 GOST94-NULL-GOST94
        TLS_GOSTR341001_WITH_NULL_GOSTR3411 GOST2001-NULL-GOST94

   Additional Export 1024 and other cipher suites
       Note: these ciphers can also be used in SSL v3.

        TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA     EXP1024-DES-CBC-SHA
        TLS_RSA_EXPORT1024_WITH_RC4_56_SHA      EXP1024-RC4-SHA
        TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
        TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA  EXP1024-DHE-DSS-RC4-SHA
        TLS_DHE_DSS_WITH_RC4_128_SHA            DHE-DSS-RC4-SHA

   Elliptic curve cipher suites.
        TLS_ECDH_RSA_WITH_NULL_SHA              ECDH-RSA-NULL-SHA
        TLS_ECDH_RSA_WITH_RC4_128_SHA           ECDH-RSA-RC4-SHA
        TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA      ECDH-RSA-DES-CBC3-SHA
        TLS_ECDH_RSA_WITH_AES_128_CBC_SHA       ECDH-RSA-AES128-SHA
        TLS_ECDH_RSA_WITH_AES_256_CBC_SHA       ECDH-RSA-AES256-SHA

        TLS_ECDH_ECDSA_WITH_NULL_SHA            ECDH-ECDSA-NULL-SHA
        TLS_ECDH_ECDSA_WITH_RC4_128_SHA         ECDH-ECDSA-RC4-SHA
        TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA    ECDH-ECDSA-DES-CBC3-SHA
        TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA     ECDH-ECDSA-AES128-SHA
        TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA     ECDH-ECDSA-AES256-SHA

        TLS_ECDHE_RSA_WITH_NULL_SHA             ECDHE-RSA-NULL-SHA
        TLS_ECDHE_RSA_WITH_RC4_128_SHA          ECDHE-RSA-RC4-SHA
        TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA     ECDHE-RSA-DES-CBC3-SHA
        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA      ECDHE-RSA-AES128-SHA
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA      ECDHE-RSA-AES256-SHA

        TLS_ECDHE_ECDSA_WITH_NULL_SHA           ECDHE-ECDSA-NULL-SHA
        TLS_ECDHE_ECDSA_WITH_RC4_128_SHA        ECDHE-ECDSA-RC4-SHA
        TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA   ECDHE-ECDSA-DES-CBC3-SHA
        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA    ECDHE-ECDSA-AES128-SHA
        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA    ECDHE-ECDSA-AES256-SHA

        TLS_ECDH_anon_WITH_NULL_SHA             AECDH-NULL-SHA
        TLS_ECDH_anon_WITH_RC4_128_SHA          AECDH-RC4-SHA
        TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA     AECDH-DES-CBC3-SHA
        TLS_ECDH_anon_WITH_AES_128_CBC_SHA      AECDH-AES128-SHA
        TLS_ECDH_anon_WITH_AES_256_CBC_SHA      AECDH-AES256-SHA

   TLS v1.2 cipher suites
        TLS_RSA_WITH_NULL_SHA256                  NULL-SHA256

        TLS_RSA_WITH_AES_128_CBC_SHA256           AES128-SHA256
        TLS_RSA_WITH_AES_256_CBC_SHA256           AES256-SHA256
        TLS_RSA_WITH_AES_128_GCM_SHA256           AES128-GCM-SHA256
        TLS_RSA_WITH_AES_256_GCM_SHA384           AES256-GCM-SHA384

        TLS_DH_RSA_WITH_AES_128_CBC_SHA256        Not implemented.
        TLS_DH_RSA_WITH_AES_256_CBC_SHA256        Not implemented.
        TLS_DH_RSA_WITH_AES_128_GCM_SHA256        Not implemented.
        TLS_DH_RSA_WITH_AES_256_GCM_SHA384        Not implemented.

        TLS_DH_DSS_WITH_AES_128_CBC_SHA256        Not implemented.
        TLS_DH_DSS_WITH_AES_256_CBC_SHA256        Not implemented.
        TLS_DH_DSS_WITH_AES_128_GCM_SHA256        Not implemented.
        TLS_DH_DSS_WITH_AES_256_GCM_SHA384        Not implemented.

        TLS_DHE_RSA_WITH_AES_128_CBC_SHA256       DHE-RSA-AES128-SHA256
        TLS_DHE_RSA_WITH_AES_256_CBC_SHA256       DHE-RSA-AES256-SHA256
        TLS_DHE_RSA_WITH_AES_128_GCM_SHA256       DHE-RSA-AES128-GCM-SHA256
        TLS_DHE_RSA_WITH_AES_256_GCM_SHA384       DHE-RSA-AES256-GCM-SHA384

        TLS_DHE_DSS_WITH_AES_128_CBC_SHA256       DHE-DSS-AES128-SHA256
        TLS_DHE_DSS_WITH_AES_256_CBC_SHA256       DHE-DSS-AES256-SHA256
        TLS_DHE_DSS_WITH_AES_128_GCM_SHA256       DHE-DSS-AES128-GCM-SHA256
        TLS_DHE_DSS_WITH_AES_256_GCM_SHA384       DHE-DSS-AES256-GCM-SHA384

        TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256      ECDH-RSA-AES128-SHA256
        TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384      ECDH-RSA-AES256-SHA384
        TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256      ECDH-RSA-AES128-GCM-SHA256
        TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384      ECDH-RSA-AES256-GCM-SHA384

        TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256    ECDH-ECDSA-AES128-SHA256
        TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384    ECDH-ECDSA-AES256-SHA384
        TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256    ECDH-ECDSA-AES128-GCM-SHA256
        TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384    ECDH-ECDSA-AES256-GCM-SHA384

        TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256     ECDHE-RSA-AES128-SHA256
        TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384     ECDHE-RSA-AES256-SHA384
        TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256     ECDHE-RSA-AES128-GCM-SHA256
        TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384     ECDHE-RSA-AES256-GCM-SHA384

        TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256   ECDHE-ECDSA-AES128-SHA256
        TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384   ECDHE-ECDSA-AES256-SHA384
        TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256   ECDHE-ECDSA-AES128-GCM-SHA256
        TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384   ECDHE-ECDSA-AES256-GCM-SHA384

        TLS_DH_anon_WITH_AES_128_CBC_SHA256       ADH-AES128-SHA256
        TLS_DH_anon_WITH_AES_256_CBC_SHA256       ADH-AES256-SHA256
        TLS_DH_anon_WITH_AES_128_GCM_SHA256       ADH-AES128-GCM-SHA256
        TLS_DH_anon_WITH_AES_256_GCM_SHA384       ADH-AES256-GCM-SHA384

   Pre shared keying (PSK) ciphersuites
        TLS_PSK_WITH_RC4_128_SHA                  PSK-RC4-SHA
        TLS_PSK_WITH_3DES_EDE_CBC_SHA             PSK-3DES-EDE-CBC-SHA
        TLS_PSK_WITH_AES_128_CBC_SHA              PSK-AES128-CBC-SHA
        TLS_PSK_WITH_AES_256_CBC_SHA              PSK-AES256-CBC-SHA

   Deprecated SSL v2.0 cipher suites.
        SSL_CK_RC4_128_WITH_MD5                 RC4-MD5
        SSL_CK_RC4_128_EXPORT40_WITH_MD5        Not implemented.
        SSL_CK_RC2_128_CBC_WITH_MD5             RC2-CBC-MD5
        SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5    Not implemented.
        SSL_CK_IDEA_128_CBC_WITH_MD5            IDEA-CBC-MD5
        SSL_CK_DES_64_CBC_WITH_MD5              Not implemented.
        SSL_CK_DES_192_EDE3_CBC_WITH_MD5        DES-CBC3-MD5

NOTES

       The non-ephemeral DH modes are currently unimplemented in OpenSSL
       because there is no support for DH certificates.

       Some compiled versions of OpenSSL may not include all the ciphers
       listed here because some ciphers were excluded at compile time.

EXAMPLES

       Verbose listing of all OpenSSL ciphers including NULL ciphers:

        openssl ciphers -v 'ALL:eNULL'

       Include all ciphers except NULL and anonymous DH then sort by strength:

        openssl ciphers -v 'ALL:!ADH:@STRENGTH'

       Include all ciphers except ones with no encryption (eNULL) or no
       authentication (aNULL):

        openssl ciphers -v 'ALL:!aNULL'

       Include only 3DES ciphers and then place RSA ciphers last:

        openssl ciphers -v '3DES:+RSA'

       Include all RC4 ciphers but leave out those without authentication:

        openssl ciphers -v 'RC4:!COMPLEMENTOFDEFAULT'

       Include all ciphers with RSA authentication but leave out ciphers
       without encryption:

        openssl ciphers -v 'RSA:!COMPLEMENTOFALL'

SEE ALSO

       s_client(1), s_server(1), ssl(3)

HISTORY

       The COMPLEMENTOFALL and COMPLEMENTOFDEFAULT selection options for
       cipherlist strings were added in OpenSSL 0.9.7.  The -V option for the
       ciphers command was added in OpenSSL 1.0.0.

1.0.1e                            2017-03-22                        CIPHERS(1)