EldoS | Feel safer!

Software components for data protection, secure storage and transfer

SSLv2 CipherSuites

Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.
Posted: 07/15/2015 11:55:24
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

I am using TElSecureClient in a test application. I need to be able to test SSLv2 connection to a product we are testing.

When I configure the SSLClient for SSLv2 ONLY, it sends out a limited set of available ciphersuites in the client hello message (see attached JPG file). The server does not like any of those and the handshake fails.

I have all ciphersuites enabled, but the component seems to pick out a limited number of suites to send in the hello message. If I enable all versions through TLS1.2, the client sends out all 166 ciphersuites in the hello message.

I understand that SSLv2 may not support the latest ciphersuites, but it seems that the ones picked out are quite limited. I know that the server will accept the following ciphersuites:


Why is the SSL Client being so limited? Is there any way to change this?

Posted: 07/15/2015 12:36:06
by Charlie Jimenez (Standard support level)
Joined: 08/14/2012
Posts: 38

Sorry, I should have indicated I am using SBB .Net version 12.0.260
Posted: 07/15/2015 13:48:18
by Ken Ivanov (Team)

Hi Charlie,

Pure SSL 2.0 (i.e. without support for upgrading to SSL 3.0 and TLS 1.x) supports a very limited set of cipher suites, all of which are extremely outdated. These are:


If you enable higher versions too (SSL 3, TLS 1.x), the client extends SSL2 client hello with SSL 3 and TLS 1.x cipher suites. These cipher suites however can only be agreed if a protocol version higher than SSL 2.0 is negotiated by the peers.

Posted: 07/15/2015 14:46:53
by Eugene Mayevski (Team)

I must add that SSL2 is not just outdated, but also insecure (has known security issues). Its use was strongly discouraged long time ago.

Sincerely yours
Eugene Mayevski



Topic viewed 1729 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!