During an SSL/TLS handshake, the client sends up a list of supported cipher suites and the server selects which one to use for the conversation. Windows has a prioritized list of cipher suites (configurable via the registry) and will select the first suite in that list that is supported by the client. Once a list of acceptable ciphers is created using the cipher suite flags, what algorithm does OpenSSL use to select the cipher suite when it's acting as a server? I could not find the answer in the OpenSSL documentation.
2 Answers
The list of cipher suites sent by the client is ordered; the first suite in the list is the one most preferred by the client. Normally, OpenSSL, as a server, honors the client preference: it selects the suite most preferred by the client among the list of suites that both the client and server support.
Since OpenSSL-0.9.7 (released at the end of 2002), OpenSSL has a programmatic flag called SSL_OP_CIPHER_SERVER_PREFERENCE which enforces the server preferences: the list of cipher suites supported by the server is also ordered by preference, and the server selects the suite that the server itself most prefers among those that both the client and server support. This flag is documented in the ssl.h include file.
With the command-line "s_server" command, the "-serverpref" option is used to activate the SSL_OP_CIPHER_SERVER_PREFERENCE flag.
Have a look at this manpage.
The cipherlist command converts OpenSSL cipher lists into ordered SSL cipher preference lists. It can be used as a test tool to determine the appropriate cipherlist.