1

I would like to know how to add Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA support to the new versions of Chrome? Since Chrome v25/26 Google stopped the support of Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA. Unfortunately, I am working on application that require such a cipher and for that I have built a kind of Extension/Addon for it on Chrome. Without the support of this cipher my addon/extension will be useless.

Does anybody how to fix such an issue?

I have used the following command chrome.exe --cipher-suite-blacklist=0xc007,0xc011,0x0066,0xc00c,0xc002,0x0005,0x0004

then I checked my browser SSL support using this website: https://www.ssllabs.com/ssltest/viewMyClient.html

but I still can't get my application to work. Is there anything I missed? is the cipher order matters?

Rory Alsop
  • 61,474
  • 12
  • 117
  • 321
Xtreme
  • 11
  • 1
  • 2
  • 1.) It's bizarre to see an application limited to a single cipher suite, 2.) [As far as I can tell](https://www.ssllabs.com/ssltest/viewClient.html?name=Chrome&version=37&platform=OS%20X), Chrome still supports that cipher suite. – Matt Nordhoff Oct 16 '14 at 01:06
  • SuiteB specs are highly restrictive, and limit to just a few ciphers. – davenpcj Feb 28 '17 at 22:29

1 Answers1

3

Cipher suites are removed or added by Google through software patches or updates. You can blacklist cipher suites by adding a command-line argument to Chrome's startup; as shown in this answer. Hexadecimal values for each cipher suite can be found here.

There isn't any functionality for enabling non-default cipher suites. I believe you might be stuck with changing your application's cipher suite to a newly supported cipher suite.

Here is the most recent issue I could find.

Community
  • 1
RoraΖ
  • 12,347
  • 4
  • 51
  • 83