diff --git a/lib/http/__init__.py b/lib/http/__init__.py
index a42c496ef50024151d8da162e69e291dfaab9bdb..8767272beae09b116c2f98273a552233e297a9d1 100644
--- a/lib/http/__init__.py
+++ b/lib/http/__init__.py
@@ -595,7 +595,10 @@ class HttpBase(object):
 
     ctx = OpenSSL.SSL.Context(OpenSSL.SSL.SSLv23_METHOD)
     ctx.set_options(OpenSSL.SSL.OP_NO_SSLv2)
-    ctx.set_cipher_list(constants.OPENSSL_CIPHERS)
+
+    ciphers = self.GetSslCiphers()
+    logging.debug("Setting SSL cipher string %s", ciphers)
+    ctx.set_cipher_list(ciphers)
 
     ctx.use_privatekey(self._ssl_key)
     ctx.use_certificate(self._ssl_cert)
@@ -608,6 +611,12 @@ class HttpBase(object):
 
     return OpenSSL.SSL.Connection(ctx, sock)
 
+  def GetSslCiphers(self): # pylint: disable-msg=R0201
+    """Returns the ciphers string for SSL.
+
+    """
+    return constants.OPENSSL_CIPHERS
+
   def _SSLVerifyCallback(self, conn, cert, errnum, errdepth, ok):
     """Verify the certificate provided by the peer
 
diff --git a/tools/setup-ssh b/tools/setup-ssh
index c2530c243175e8577728065667c3715be93b752b..4c8f9e91c935b272528b802424b9064afd4c1449 100755
--- a/tools/setup-ssh
+++ b/tools/setup-ssh
@@ -321,6 +321,8 @@ def main():
 
   SetupLogging(options)
 
+  errs = 0
+
   all_keys = LoadPrivateKeys(options)
 
   passwd = None
@@ -385,14 +387,18 @@ def main():
         SetupSSH(transport)
         SetupNodeDaemon(transport)
       except errors.GenericError, err:
-        logging.error("While doing setup on host %s an error occured: %s",
+        logging.error("While doing setup on host %s an error occurred: %s",
                       host, err)
+        errs += 1
     finally:
       transport.close()
       # this is needed for compatibility with older Paramiko or Python
       # versions
       transport.join()
 
+    if errs > 0:
+      sys.exit(1)
+
 
 if __name__ == "__main__":
   main()