Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3034
Views
5
Helpful
6
Replies

Can we comfirm the IOS OpenSSL version ?

Rps-Cheers
VIP
VIP

‎12-04-2019 03:45 AM

Hi  Everyone,

 

Our Customer need to check the OpenSSL version on CISCO Devices(CISCO7600,ISR, Cat6500,Nexus...).

Is there any method to check it? What should we do for check it?

 

Thx

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful
6 Replies 6

Seb Rupik
VIP Alumni
VIP Alumni

‎12-04-2019 04:09 AM - edited ‎12-04-2019 04:10 AM

Hi there,

On the cisco device documentation page, under 'Licensing Information' there should be a document detailing the open source information used in a release, eg:

https://www.cisco.com/c/en/us/support/switches/catalyst-6500-series-switches/products-licensing-information-listing.html

 

...however, as you will see, the release history is not always up to date or complete.

 

What are you trying to determine from the openSSL library version?

If you are trying to audit the ciphers, then take a look at this nmap script:

https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html

 

 

cheers,

Seb.

0 Helpful

Rps-Cheers
VIP
VIP
In response to Seb Rupik

‎12-04-2019 04:26 AM

Thank you for your reply, but there doesn't seem to be a clear explanation of this issue, I just want to confirm the corresponding version of openssl under IOS
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

marce1000
VIP
VIP

‎12-04-2019 04:19 AM

 

 = Not direct, CISCO considers this a being proprietary due to use-rights and the integration in IOS and or XE,  ir can be obtained if there is a firm requirement through CISCO support.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Rps-Cheers
VIP
VIP
In response to marce1000

‎12-04-2019 04:25 AM

So,whether we cannot obtain the openssl version?Do we need contact cisco tac?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful

marce1000
VIP
VIP
In response to Rps-Cheers

‎12-04-2019 04:39 AM

 

 - Yes because it is not the same as getting this info on an open-source system.  It is considered proprietary information, besides it still being named as openssl....

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

Rps-Cheers
VIP
VIP
In response to marce1000

‎12-06-2019 12:58 AM

OK,Thanks for your help,i also try to contact cisco tac.

BR
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rps-Cheers | If it solves your problem, please mark as answer. Thanks !
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card