Opened 7 years ago

Last modified 7 years ago

#7792 enhancement new

Enhance optionsForClientTLS to accept an acceptable ciphers list.

Reported by: Jason J. W. Williams Owned by:
Priority: normal Milestone:
Component: core Keywords:
Cc: Hynek Schlawack Branch:
Author:

Description

Ran into an issue where we needed to allow the RC4 cipher so our customers could pay their gas bills (https://myaccount.socalgas.com)...and access other necessary sites with unfortunate cipher choices.

Currently optionsForClientTLS has no keyword for changing the default cipher, requiring one to use the extraCertificateOptions keyword:

ssl.optionsForClientTLS(<hostname>, extraCertificateOptions={"acceptableCiphers" : <IAcceptableCiphers object>}

Optimally, optionsForClientTLS would accept acceptableCiphers as a valid keyword argument like CertificateOptions does.

Change History (1)

comment:1 Changed 7 years ago by Hynek Schlawack

Cc: Hynek Schlawack added
Note: See TracTickets for help on using tickets.