Verifying Weak Cipher Suites Have Been Disabled

You can use openssl to test if a cipher is enabled or disabled. At a command prompt, enter the following commands.

$ openssl s_client -host <hostname> -port <port> -cipher 3DES

$ openssl s_client -host <hostname> -port <port> -cipher DES

Each command should return a failure message that looks similar to the following message:

CONNECTED(00000003) 
140209911707464:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:672: