how to use deprecated SSL/TSL ciphers

Problems with the Windows version of XAMPP, questions, comments, and anything related.

how to use deprecated SSL/TSL ciphers

Postby Vedita BR » 05. April 2019 13:22

Hello, i'm trying to setup a https server for a 2000's video game but it seems XAMPP is rejecting the console's ciphers and the server sends handshake failed (40) after client has sent SSL v2 hello.

here are the ciphers that the client use.
Image

I am on OpenSSL 1.1.1b 26 Feb 2019
XAMPP CP v3.2.3 03/07/2019

What should I do?

thanks :wink:

PS: I also tried SSLCipherSuite ALL and SSLProtocol ALL but no luck!
Vedita BR
 
Posts: 5
Joined: 07. February 2017 02:52
XAMPP version: 5.6.30
Operating System: Windows 10

Re: how to use deprecated SSL/TSL ciphers

Postby gsmith » 06. April 2019 21:17

Sometimes we just have to let what we love go free.

If that client can do http instead of httpS, that is the way to go. All https is going to do for you is let the evil-doers have your private key and nothing will be secure with the connection. That stated, Apache 2.4.12 with OpenSSL 1.0.2 should be able to work.

OpenSSL 1.0.2 has TLS_RSA_WITH_RC4_128_SHA (TLS/1.0 RC4-SHA) which is #5 in your list. 2.4.12 was the last released version of Apache that would speak to RC4 ciphers. Stay away from all those old CBC ciphers!

What Xampp version that equals I don't know, you will have to research that.
gsmith
 
Posts: 244
Joined: 29. November 2013 18:04
Location: San Diego
XAMPP version: 0.0.0
Operating System: Win 7-10/VC 6,9,11,14,15


Return to XAMPP for Windows

Who is online

Users browsing this forum: No registered users and 44 guests