Finally, verify that export ciphers are disabled: $ openssl s_client -connect www.example.com:443 -cipher "EXP". The connection should fail. In other words: get OpenSSL 1.0.2. add the -cipher "EDH" option to your connect string. assume vulnerability if export ciphers are enabled on the server. More @Wikipedia
Hover over any link to get a description of the article. Please note that search keywords are sometimes hidden within the full article and don't appear in the description or title.