How to configure ciphers

The list of ciphers the server will support is found in a file called ciphers. The file is located in the $TEXHOME/etc/certs directory. The format of the file is a colon separated list of cipher names. For details on what ciphers are supported and the exact format of the setting see the Ciphers section of the OpenSSL documentation.

For example, to enforce the use of MD5 ciphers the following cipher file could be used:

#

#  The allowable ciphers for use between the client and server are

#  defined by the last line in this file. See ciphers(1) in OpenSSL

#  (http://www.openssl.org/docs/apps/ciphers.html) for the format of

#  statement detailing the ciphers to use.

#

MD5

To set the ciphers supported by the Windows client and client-side programs using texapi.pm the TEXCIPHERS environment variable should be used. For example, to enforce the use of MD5 ciphers the following setting could be used:

TEXCIPHERS="MD5" 

export TEXCIPHERS

It is also possible to set the ciphers when using TexAPI directly. The Ciphers member of the TEXSESSINFO structure may be used:

TEXSESSINFO info;

TEXSESSION  session;

...

info.Ciphers = "MD5";

...

TexSessConnect(&info, &session);

...

For texapi.pm the Ciphers key is used:

my $session = ke::texapi->new(

{

        ...

        Ciphers => 'MD5',

        ...

});

When using TexJDBC the ciphers connection property may be set to restrict the ciphers used for a connection:

Properties props = new Properties();

props.setProperty("ciphers", "MD5");

...

Connection conn =  DriverManager.getConnection("jdbc:texpress:socket", props);