On Wed, Jun 13, 2012, Garrison, Jim (ETW) wrote: > Is anybody else having trouble with newer SSL clients (1.0.1c specifically) > causing older servers to hang? >
Yes, see PR#2771. > > Reading the 1.0.1c release notes I see > > 3. If all else fails setting OPENSSL_NO_TLS1_2_CLIENT will disable > TLS 1.2 client support entirely. > > Is this something that can be set at runtime, or is it purely a compile-time > option? Yes you can set SSL_OP_NO_TLSv1_2 and possibly SSL_OP_NO_TLSv1_1 too. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
